SSH is amazing, and we praise its existence on Null Byte for many reasons. Notably, it allows us to reroute our traffic through encrypted ports on our local host to be sent to its destination when on the go. You can even control your home computers remotely over a secure and encrypted connection. This is handy for a multitude of reasons.
However, if you've been using SSH for a while, you probably know that it can be a bit tedious at times. I find entering my shell password over and over again tedious, at least as much as I reboot (which is often). Since I use SSH to host an IRC bot, I need it to be accessible 24/7, whenever I feel like changing something. A logical step would be to create a daemon to automatically start the forwarded connection at boot, but it will still ask you for a password.
To avoid further tedium, today's Byte will be showing you how to use key-based authentication without the use of a password over SSH. This will allow for decent security with an automatic daemon for all of our programs to tunnel thorough on startup.
- SSH client installed
- Linux or OS X
- Remote shell that you can log into
The process of creating a passwordless login begins by generating a private and public SSH key-pair. When generating the key, if you do not use a password, it will be a simple key-exchange that happens on the server if it has your public key stored on it.
That means we need to first log into our shell, then leave it open in another tab to avoid getting locked out. For instructions on proceeding, follow me in the video below.
- ssh-keygen -b 4026 -t rsa -C"$(id -un)@$(hostname)-$(date --rfc-3339=date)"
- cat .ssh/id_rsa.pub
- Copy & paste to ~/.ssh on remote host.
Be a Part of Null Byte!