Thursday, November 09, 2006

Passwordless logins with keychain

We had discussed ssh-agent to do passphraseless logins, but you still have to enter your passphrase when you logout and ssh-agent doesn't work with cron jobs as well

So, what you do is setup ssh-agent and then use keychain to keep your SSH passphrases alive till you reboot

Install keychain & add the following likes to your bash profile (.bash_profile)

keychain id_dsa
. ~/.keychain/$HOSTNAME-sh

Use the real name of your private key: id_rsa, my_key. Be sure to use the leading dot on the second line which tells your shell to read the file named on the line.

That's all you have to do. Now, when you log in, you get a keychain prompt, asking for the passphrase of your key.

You'll enter the passphrase for each one at system login. Then keychain will handle authentications even if you logout and login. You will have to redo it when you restart you system though.

No comments: