Public-key authentication(UNIX & Mac OSX)

Revision as of 01:29, September 25, 2005 by Jcao (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Difficulty: 3

SSH without a password : Public-key authentication (UNIX and Mac OS X)

To execute this solution, the reader should: 
     be comfortable with the command line 


Note: Logging in without a password will save you a few seconds out of every day. It comes however, with an added security risk: if someone compromises your machine, they can then log into WSO with your account. If you are willing to bear this responsibility, then read on.

The basic idea is that WSO's server will check for a special key on your computer every time you log in, and if it checks out, you'll be allowed in without entering a password. If you'd like a more in-depth explanation, read on:

http://the.earth.li/~sgtatham/putty/0.54/htmldoc/Chapter8.html#8

Anyway, enough chit-chat. Here's how to do it:

Adapted from http://bumblebee.lcs.mit.edu/ssh2/.

  1.Open a terminal 
  2.Generate a public key and a private key. We'll copy the public key over to the server later. 
    $ ssh-keygen -t rsa -f ~/.ssh/id_rsa 
  3.When it says something like Enter passphrase (empty for no passphrase): 
    Just press return. 
  4.Let's copy the public key to WSO. Type 
    $ scp .ssh/id_rsa.pub user@wso:~/.ssh/. 
  5.Cruise over to the WSO server: 
    $ ssh user@wso.williams.edu 
  6.Hop into the SSH directory: 
    $ cd .ssh 
  7.Append the key to your list of authorized keys: 
    $ cat id_rsa.pub >> authorized_keys2 
  8.Change permissions: 
    $ chmod 640 authorized_keys2 
  9.Kill the key. 
    $ rm id_rsa.pub


All done! Now you can SSH and SCP to WSO without a password.

-Evan Miller