How to config SSH to log in without passphrase
Abstract
This document present how to setup SSH authentication without providing the passphrase. Review of How_to_config_SSH_to_log_in_without_typing_password document is required.
1. Append the following line to the ssh client home directory profile file (~/.profile) to start the ssh-agent daemon at login. It may be added at the end of the profile.
eval $(ssh-agent)
-> ~/.profile
.
.
.
eval $(ssh-agent)
2. Trap signal 0 to kill the ssh-agent daemon at shell logout.
-> ~/.profile
.
.
.
trap "ssh-agent –k" 0
- Note: If your ~/.profile already has a trap statement modify it to include killing of the daemon. For example, to trap echo and ssh-agent kill at the same time.
-> ~/.profile
.
.
.
set -u
trap "echo 'logout'; ssh-agent -k" 0
3. Logout or reload the profile on your account . then log back in again as the required user on the client.
$ login <username>
4. Verify that the ssh-agent daemon started after login.
$ ps –f | grep [s]sh-agent
<username> 15339 1 0 17:03:10 ? 0:00 ssh-agent
5. Load both your id_rsa identity key and id_dsa identity key into the ssh-agent daemon. When prompted, enter your passphrase. This will be required only once.
- Note: In this example both encription keys are used, so so both need to be included
client$ ssh-add ~/.ssh/id_rsa
client$ ssh-add ~/.ssh/id_dsa
6.Log in on sever
client$ ssh <username>@server