Quick SSH Tip

I’d wager many of you know this already. Having done this a couple times the last two days though, I thought I’d add it for those that don’t. Maybe it’s useful to someone.

Problem: You want to log into a remote server with SSH and you don’t want to type a password. You know about key pairs and authorized_keys and are ready to copy your public key. You might be tempted to do it like this:

  1. SCP your identity to the remote machine (have to type your password again).
  2. ssh to the remote server (have to type your password again)
  3. append the public id to the authorized keys file
  4. delete the copied file
  5. Exit
  6. try the keyless login

Here is where you can save a few steps. You can append the file with ssh instead of copying the file over with scp. This saves you a login and typing your password once.

cat id_dsa.pub | ssh remote_server "cat >> [path to user home]/.ssh/authorized_keys[2]"

There. Type your password once for the copy and then test the passwordless login.

This entry was posted in System Administration and tagged , , . Bookmark the permalink.

5 Responses to Quick SSH Tip

  1. eggyknap says:

    Also useful is the ForwardAgent option in your $HOME/.ssh/config. If you ssh to machine A w/ a key, and then want to go from A to machine B (which also knows about your key), you’d normally need your private key copied to machine A. But ForwardAgent, in combination with an ssh-agent on your machine, tells machine A to forward B’s authentication negotiation stuff back to your local ssh-agent. In short, you can go from A to whatever other machines you want (and from those machines to still other machines) without copying your private key all over.

  2. Yorokobi says:

    OpenSSH has a tool to copy your ssh key to remote hosts: ssh-copy-id(1)

    No need to cat your .pub and | it through SSH.

  3. Dennis says:

    Both of those are great followup tips. Thanks!

  4. Yorokobi says:

    Another excellent SSH tool: ControlPath

    In your .ssh/config add

    Host *
    ControlMaster auto
    ControlPath ~/.ssh/master-%r@%h:%p
    ——

    If you ever have to SSH to the same host simultaneously, this will save loads of time.

    What it does: I SSH to machine A and do some work but I need a separate shell opened to machine A to do concurrent work so I SSH in again. With ControlPath the new session uses the current one–you log in in an instant.

    Yes, GNU Screen can accomplish the same thing, but if you SSH as one user, then sudo su – , this is a great solution.

    My $0.02

  5. Pingback: ssh tricks | The Fugue

Leave a Reply

Your email address will not be published. Required fields are marked *