Quick SSH Tip

I'd wager many of you know this already. Having done this a couple times the last two days though, I thought I'd add it for those that don't. Maybe it's useful to someone.

Problem: You want to log into a remote server with SSH and you don't want to type a password. You know about key pairs and authorized_keys and are ready to copy your public key. You might be tempted to do it like this:

  1. SCP your identity to the remote machine (have to type your password again).
  2. ssh to the remote server (have to type your password again)
  3. append the public id to the authorized keys file
  4. delete the copied file
  5. Exit
  6. try the keyless login

Here is where you can save a few steps. You can append the file with ssh instead of copying the file over with scp. This saves you a login and typing your password once.

  1.  
  2. cat id_dsa.pub | ssh remote_server "cat >> [path to user home]/.ssh/authorized_keys[2]"
  3.  

There. Type your password once for the copy and then test the passwordless login.

5 Responses to “Quick SSH Tip”


  1. eggyknap

    Also useful is the ForwardAgent option in your $HOME/.ssh/config. If you ssh to machine A w/ a key, and then want to go from A to machine B (which also knows about your key), you’d normally need your private key copied to machine A. But ForwardAgent, in combination with an ssh-agent on your machine, tells machine A to forward B’s authentication negotiation stuff back to your local ssh-agent. In short, you can go from A to whatever other machines you want (and from those machines to still other machines) without copying your private key all over.

  2. Yorokobi

    OpenSSH has a tool to copy your ssh key to remote hosts: ssh-copy-id(1)

    No need to cat your .pub and | it through SSH.

  3. Dennis

    Both of those are great followup tips. Thanks!

  4. Yorokobi

    Another excellent SSH tool: ControlPath

    In your .ssh/config add

    Host *
    ControlMaster auto
    ControlPath ~/.ssh/master-%r@%h:%p
    ——

    If you ever have to SSH to the same host simultaneously, this will save loads of time.

    What it does: I SSH to machine A and do some work but I need a separate shell opened to machine A to do concurrent work so I SSH in again. With ControlPath the new session uses the current one–you log in in an instant.

    Yes, GNU Screen can accomplish the same thing, but if you SSH as one user, then sudo su – , this is a great solution.

    My $0.02

  5. ssh tricks | The Fugue

    […] Muhlestein posted a quick ssh tip, and then a couple of really neat gems emerged in the comments. For the sake of those who […]



css.php