Passwordless SSH Everywhere

I’ve known about ssh keys for a long time and frequently use them, most frequently so that a script can transfer a file between two servers without having to do some mumbo-jumbo where I try to pipe a password into it or some other wacky thing. I hadn’t fully embraced ssh keys, though, because I didn’t like the idea that if I lost my laptop, I’d be losing a free key into my servers. Then I discovered ssh-agent. This isn’t new, so I’m kind of embarrassed I didn’t know about it, but I’ve been using it for a few months now and I can’t imagine going back.

Using ssh-agent, you can wrap your private ssh key in a password and the only time you’ll need to enter your password is when you add the key to the agent. Once that’s done ssh essentially behaves as if your key wasn’t password-protected – you don’t get prompted for it again.

If you enable agent forwarding, and put your public key on all the servers you connect to, life gets even better. If your machine is A, and you put your key on B, C, D, and E, using ssh agent forwarding you can go A -> B -> C -> D -> E without being prompted for a password. It’s sweet!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s