SSH connection without password
October 6th 2006
[Update (24/03/2007): see new post on subject]
Following Txema's wonderful explanations, and translating from Basque a Dec 2, 2002 e-mail, here they go the instructions to connect from computer A to B via SSH, without computer B ever asking for our password.
Notice that it is not a security breach, because we are allowing a certain computer A (and user) to connect to B. Of course, if A is somehow compromised, then applying this recipe would give the attacker hability to connect from A to B with no hassle. If you fear computer A being compromised, then don't do it.
On the other hand, it can actually be a hardening of the security of computer B. If only a certain user of A is allowed to connect to B without password, and then remote passwords are deactivated (making that, if you need to input a password, you can not connect), then a cracker breaking into A would have to first break into the account of that certain user to access B. Otherwise, no other user is allowed to try to connect to B from A.
Whatever.... Let's get going:
In computer A, generate a DSA key for that machine (and account):
ssh-keygen -t dsa
This creates the following file at
The contents of such file should be copy-pasted (beware line-breaking, because it is a single, very long, line) into B, namely into a file called (create if doesn't exist, append to it if it exists)
Now, the A user in whose
~/.ssh/ resides the
id_dsa.pub, will be able to connect without password to the B computer account of the user in whose
~/.ssh/ is the
2 Comments »