I use
the SSH client Putty to login to my FreeBSD server from my Windows workstation and entering passwords on the commandline can be a chore. Starting up Putty and connecting to servers you use regularly via SSH can be made a lot easier though by using secure keys, allowing you to fire up putty and get 'auto logged in' without the need for password entry.
The idea is you create a pair of keys on the machine from which you'll be logging in via SSH, one public and one private. The public key is stored on the server to which you're logging into and the private key is stored at the machine you'll be logging in from. Once both keys are in place, you can associate your private key with the SSH session associated with the server where the public key lives at the other end. Now when you login you don't need to enter a password - Putty sends the public key information along at the authentication phase, the remote server checks the private key against the public key it finds on the server and if everything checks out you're logged in without being prompted for a password.
There's a great article for
setting up a key pair in the PuTTYgen utility and installing the key on the remote server on this site, the basic steps are:
Run the PuTTYgen key pair generator to create a public and private key - PuTTYgen can be found here on the Putty site. Note if you don't want to have to enter any password at all (see security disclaimer below!), do not enter a passphrase to protect the private key
Copy the public key into the file ~/.ssh/authorized_keys (or ~/.ssh/authorized_keys2 for SSH2, though I think SSH2 still reads ~/.ssh/authorized_keys). The public key usually looks similar to this:
CODE:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEApiVHreNg3Xnmrl9lo6nCpsb+
iytNHBZDztLshEhLaucQCs66b0K2fjpfl3KheQB9lpIBBtL0NaPZslo1fVGnJT8fF4ZywIyNuKzN8cYM+
zfIMjqe8UxQD1QfE1s4QxBhgyihGb6PwQkYJeWfMaINq5pnuHzx2Fc1kWRMdaGQvSU= munk@winny
(actually broken up so it displays properly here, usually a single line)
Ensure the ~/.ssh/authorized_keys file is readable only by the user:
CODE:
chmod 600 ~/.ssh/authorized_keys
Finally, tell Putty to use the private key for all SSH sessions with the remote server. This is done by selecting the session settings in putty for the server that has the public key, clicking 'Load', selecting the 'Connection, SSH, Auth' setting page and then selecting the private key file on that page using the Browse button. Save the settings by going back to the 'Session' page tab and hitting 'Save'.
If all went well and the private key was created without using a password phrase, this should allow you to login to the remote server without the need for a password.
However
IMPORTANTLY it should be stressed for obvious reasons using no passphrase to protect the private key should only be contemplated on a machine on which you know noone else uses or has access to - either physically or across a network. I feel like a dirty security whore in a way for even suggesting not using a security passphrase for the private key, but the truth of it is noone has physical access to this machine who would care about accessing my servers so ...
I'm off to setup a passphrase now...
:)
