Nobody really likes entering one's password repeatedly and sometimes you have automated jobs that need to log in remotely to other systems and you aren't there to enter a password. Fortunately, this is a really easy problem to solve. Depending on your local client -- Windows or Unix -- there are two ways to go about it. The server, on the other hand, is very easy to configure.

Let's look at Unix first. On the local computer -- the one from which you will be logging into the other -- run this command:

ssh-keygen -t dsa -b 1024

This will generate a key pair and ask you where you want to save it. The default is in the ~/.ssh directory and that should be where you put it. The second question will be if you want to put a passphrase on the key. Unless you want to continue to enter a password when you try to ssh between systems, do not enter a password here.

The two pairs to the key that were generated are id_dsa and id_dsa.pub. The former is your private key and should never be shared and will stay on this system. The latter, id_dsa.pub is the public key. The public key needs to be placed on any system to which you wish to connect.

On the other hand, if you are using Windows, make sure that you've downloaded the Windows installer. When you've finished installing it, you want to run PuTTYgen. Generate a standard SSH-2 RSA key with 1024 bits in it.

Once you've completed making a key, save the public and private keys somewhere on your computer where no one else can access them. You will use the private key in the near future. In the top of the window, where there is a read-only text box that says "Public key for pasting into OpenSSH authorized_keys file", copy that text and paste it into Notepad and save it into a file called id_dsa.pub. This public key needs to be placed on any system to which you wish to connect.

However, you are not done with Windows. To make PuTTy automatically log in to your remote server, you must also run Pageant. Pageant sits in the system tray and holds private keys. You must manually add each private key for Pageant to recognize them. You should place Pageant into your Startup folder so that every time you reboot it is loaded. And of course, you must follow these instructions to have Pageant automatically load your private keys on startup.

Great! Now let's put those id_dsa.pub files on your remote servers. Copy each one over using a secure transmission protocol, such as SCP. Then log into the remote system and run these commands:

touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
cat id_dsa.pub >> ~/.ssh/authorized_keys

You'll need to copy each public key into the authorized_keys file. And then you're done. That's all there is to it. Now, every time you try to log into that remote server, you will never have to enter a password.

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License. Any instructions provided in this essay are provided as-is with no warranty whatsoever and the author bears no liability resulting from any and all uses of this work. Use at your own risk.

---