Security is good and passwords are boring. I use RSA/DSA key authentication when I connect to my web servers via SSH and made a habit of not setting a password for the keys. This way I could connect without logging in. Very easy but not very secure if someone got their hands on my RSA/DSA keys.
Thanks to the article "OpenSSH key management" by Daniel Robbins, Part 1 and Part 2, I now have a secure *and* convenient setup.
The program that made the solution extra good is Keychain, by the author of the article. Install Keychain and then add the necessary lines to your login script.
Read the rest of this article for an example using the Bash shell...
I use Bash for my shell and have put the following lines in the ~/.bashrc file.
Thanks to the article "OpenSSH key management" by Daniel Robbins, Part 1 and Part 2, I now have a secure *and* convenient setup.
The program that made the solution extra good is Keychain, by the author of the article. Install Keychain and then add the necessary lines to your login script.
Read the rest of this article for an example using the Bash shell...
I use Bash for my shell and have put the following lines in the ~/.bashrc file.
# Keychain is an OpenSSH key managerNow it's only after a reboot (very seldom in Mac OS X) that I need to enter the password to unlock my SSH keys. Normally I only enter "% ssh1" etc. and I'm connected to the remote server. Keychain and ssh-agent handle my passwords in a secure manner behind the scenes. You can, of course, use scp in the same manner.
# This will add my SSH1 and SSH2 key
/usr/local/bin/keychain ~/.ssh/identity ~/.ssh/id_dsa
source ~/.ssh-agent-${HOSTNAME}
# Alias to servers via SSH
alias ssh1='ssh userid1@domain.tld'
alias ssh2='ssh userid2@domain.tld'
alias ssh3='ssh userid2@domain.tld'
•
[43,433 views]

