SSH Automatic Login

Of course this is not the right phrase for it. It should be something like “key-based authorization with SSH”. Or simply “publickey authorization”. Or “unattended ssh login”. But I guess you know what I mean.

Here are the steps:

1. Create a public ssh key, if you haven’t one already.
   Look at ~/.ssh. If you see a file named id_dsa.pub then you obviously already have a public key. If not, simply create one. ssh-keygen -t dsa should do the trick.
   Please note that there are other types of keys, e.g. RSA instead of DSA. I simply recomend DSA, but keep that in mind if you run into errors.
2. Make sure your .ssh dir is 700:
   chmod 700 ~/.ssh
3. Get your public ssh key on the server you want to login automatically.
   A simple scp ~/.ssh/id_dsa.pub remoteuser@remoteserver.com: is ok.
4. Append the contents of your public key to the ~/.ssh/authorized_keys and remove it.
   Important: This must be done on the server you just copied your public key to. Otherwise you wouldn’t have had to copy it on your server.
   Simply issue something like cat id_dsa.pub >> .ssh/authorized_keys while at your home directory.
5. Instead of steps 3 and 4, you can issue something like this:
   cat ~/.ssh/id_dsa.pub | ssh -l remoteuser remoteserver.com 'cat >> ~/.ssh/authorized_keys'
6. Remove your public key from the home directory on the server.
7. Done!
   You can now login:
   ssh -l remoteuser remoteserver.com or ssh remoteuser@remoteserver.com without getting asked for a password.

That’s all you need to do.

16 Responses to “SSH Automatic Login”

• #1 hendrik Says:
  October 18th, 2007 at 10:29 pm

  On OS X, you must change the permissions of you public key in ~/.ssh to something like 600, otherwise it won’t be accepted as public key because it is too open..

• #2 uberdose Says:
  October 19th, 2007 at 7:29 am

  @Hendrik: I have included that. Thanks.

• #3 Fernando Says:
  November 6th, 2007 at 7:36 am

  Thanks for the informative post. You might like to know that your blog post shows up as the first result (as of this writing) for the search “automatic ssh login”.

  I have one comment, however, you say “done” but then do NOT specify the ssh command line command to connect to the remote server using public key authorization.

  Also, what happens when the username is not the same?

  Ie, I’m user “joe@localhost” on my notebook, but I want to login to ssh.someserver.com as ‘johndoe’?

  FC

• #4 uberdose Says:
  November 6th, 2007 at 9:04 am

  @Fernando: Thanks for the heads up, I have added what you asked for and hopefully clarified a bit.

• #5 Devesh Says:
  December 17th, 2007 at 4:20 pm

  I followed all above steps but still I am asked to select rsa fingerprints and password.

• #6 uberdose Says:
  December 17th, 2007 at 8:26 pm

  @Devesh: Your server needs to allow this, there are settings that can disable public key authentication.

• #7 John Says:
  December 22nd, 2007 at 2:50 am

  In os x leopard, it is not necessary to chmod 600. I don’t really know what the details are, but it worked for me. Also, I used RSA instead of DSA because I’d already set up ssh key-based authorization with RSA (I looked up this guide because I’d forgotten what I did before).

  Thanks for the clear directions!

  John

• #8 Bimal Poudel Says:
  January 20th, 2008 at 10:15 am

  This article helped me in building automated file transfers from my test servers to deplyment servers. I could do it all without my notice, and schedule the uploads in cron. Pretty nice explanation.

  But in line #5, it is better to write instead:
  cat ~/.ssh/id_dsa.pub | ssh -l remoteuser remoteserver.com ‘cat >> ~/.ssh/authorized_keys’

  Just, I added ~/.ssh instaed of .ssh in the last.

• #9 uberdose Says:
  January 20th, 2008 at 6:37 pm

  @Bimal: Thanks for your suggestion I just edited the post.

• #10 asebt Says:
  February 8th, 2008 at 6:35 pm

  Hi,

  You can used extraputty :
  # allow win32 application to send,receive data on Telnet, SSH, RLogin and Raw protocols.
  # offers TestStand steps to send,receive data on Telnet, SSH, RLogin and Raw protocols.(installed by the windows installer)
  # automatic sequencing of commands.

  I hope that can help you. Asebt.

• #11 uberdose Says:
  February 8th, 2008 at 6:38 pm

  @asebt: This post is not about SSH clients, it’s about automatic login with ssh as the title suggests.

• #12 Martin Says:
  March 10th, 2008 at 4:06 pm

  The whole process is much easier if you just use:
  ssh-copy-id [-i [identity_file]] [user@]machine

  1. ssh-keygen -t dsa
  2. ssh-copy-id user@machine

  done.

• #13 chiru Says:
  May 5th, 2008 at 12:18 pm

  I did the things you have told..but its still asking for password.
  These are the messages i got when i do ssh -v remoteserver.com

  debug1: Authentications that can continue: publickey,password
  debug1: Next authentication method: publickey
  debug1: Trying private key: /users/vchk/.ssh/id_rsa
  debug1: read PEM private key done: type RSA
  debug1: Authentications that can continue: publickey,password
  debug1: Trying private key: /users/vchk/.ssh/id_dsa
  debug1: read PEM private key done: type DSA
  debug1: Authentications that can continue: publickey,password
  debug1: Next authentication method: password
  remoteuser@remoteserver.com’s password:

  Any suggestions about this?

• #14 Keith Says:
  May 5th, 2008 at 4:28 pm

  @chiru I was having that same problem, and it turned out that the permissions on my home directory on the server I was connecting to were wrong…something to look at.

• #15 chiru Says:
  May 5th, 2008 at 4:36 pm

  Thanks Keith…Removing group/others write permissions for home directory did the trick

• #16 dialalllama Says:
  July 6th, 2008 at 5:22 pm

  In my case removing group write permissions from authorized_keys fixed it

Leave a Reply

Name (required)

Mail (will not be published) (required)

Website

Notify me of followup comments via e-mail

---