Passwordless SSH


#1

Hello,

I have a couple of servers that I connect to via SSH, and I am trying to configure all of them to work passwordless. I initially tried to setup passwordless SSH on my DreamHost account (following the SSH entry on the DH Wiki), and just had a general question to those who may know the answer.

On my Mac, I did the ‘ssh-keygen -t rsa’ and instead of using id_rsa as the filename, I decided to give it a more descriptive name, like dreamhost (to let me know which server the keyfile was for). I continued and copied dreamhost.pub to the DH server, and appended/replaced the authorized_keys file. (I kept the original dreamhost file in my local .ssh folder on my Mac)

Something strange was, that this did not work. I repeated the instructions identically, and this time I used the default name id_rsa and id_rsa.pub. It worked.

My question is, why do you have to use id_rsa as the file name to store your key, and if this is the filename required, how can you configure your machine to have several passwordless SSH logins?

Out of curiosity, I deleted the authorized_key file as well as everything in my local .ssh folder on my Mac. I tried it again using my username (wwebb/wwebb.pub) with no luck. Going back and using id_rsa, it worked!

Can anyone tell me what I might be doing wrong with this? Thanks!


#2

You will need to use the -i option in ssh to tell it where to find the dreamhost file. Otherwise, ssh just uses the default name.

Alternatively, you can create a file called config in your ~/.ssh directory. In it put:

Host dreamhost
User <your username, if different than on your mac>
HostName
IdentityFile

Then you can do ssh dreamhost, and it should all work. :slight_smile:


#3

I was familiar with the -i flag, but never really made the connection that ssh defaulted to the id_rsa unless otherwise specified. I guess I should’ve realized that :slight_smile:

The config file for ssh is awesome. I had never heard of that before, nor had I seen it in any of the stuff I googled trying to figure out the passwordless keyfile issue. That works out well, and I will most likely use that quite frequently from here on out. Thanks!

  • William