Using SSH Keys for Remote Logins
When I had Windows servers at home, I would use the Remote Desktop tool to log in remotely and manage everything from my Windows workstation.
Now that all of my servers have been converted over to Linux, I follow the time-honored tradition of using SSH to log in and manage everything from my Macs (iMac and MacBook). With 5 Linux servers, though, it gets quite tiring typing in my password to authenticate each and every time I want to connect. Above and beyond that, password-less SSH logins come in handy when you have backup scripts running or when you’re deploying applications using Capistrano.
You can avoid this pitfall by using SSH keys that are generated on your workstation and then stored on your servers.
I should note that this method doesn’t make your systems more secure; in fact, it makes security weaker. If someone were to get a hold of your private keys, they could automatically log in to any servers that use this method! Use at your own risk.
As I’ve said, I’m using my Mac as a client (specifically OS X Leopard) so these instructions are written with that client in mind. With that being said, I’m sure that the instructions can easily be ported to Linux or *BSD with minimal effort.
Open up a terminal window and type in "ssh-keygen -t [rsa|dsa]". You can choose either RSA encryption or DSA encryption. As to which one is better, that’s open for debate. For my application, either one is equally suitable. One thing seems to be certain in my cursory research: RSA key generation is slower than DSA, but RSA is faster when verifying. For the rest of the example, I’ll be using an RSA key pair.
Once you run the ssh-keygen command, it will start generating a public and private key pair. You’ll be prompted for where to save the private key. I would choose the default, which would normally be something like this: /Users/[username]/.ssh/id_rsa.
After choosing the directory where the private key is stored, you’ll be prompted for a passphrase. This is the passphrase for the private key and as such you’ll want to choose a strong passphrase. Something like, “I wouldn’t vote for Hillary for all of the tea in China!” Again, make this as strong as possible and DO NOT FORGET IT!
Once that has been completed, you should have two files in the directory that you chose earlier: a public key (id_rsa.pub) and a private key (id_rsa).
This public key now has to be copied to the server. You can do this with one command:

    cat .ssh/id_rsa.pub | ssh [username]@[servername] "cat >> .ssh/authorized_keys"

Since the public key hasn’t been copied yet, you’ll have to enter your password for the remote server. This should be the last time that you’ll need to do that if everything has gone well.
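The server-side half of the copy step above, as an added example that is not part of the original post: the hypothetical helper install_pubkey creates .ssh when it is missing (the plain "cat >>" fails in that case), sets the permissions sshd expects, refuses a private key file, and skips a key that is already installed. The key line and scratch paths used in demo are constructed.

```shell
#!/bin/sh
# install_pubkey PUBKEY_FILE HOME_DIR   (hypothetical helper, added example)
# Appends one public key to HOME_DIR/.ssh/authorized_keys.
# Returns 0 if the key is installed or already present, non-zero on refusal.
install_pubkey() {
    pub=$1
    home=$2
    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 2; }

    # Guard against sending id_rsa instead of id_rsa.pub.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub looks like a private key" >&2
        return 3
    fi

    # A public key file holds exactly one line: "<type> <base64> [comment]".
    key=$(grep '[^[:space:]]' "$pub" || true)
    count=$(printf '%s\n' "$key" | grep -c '[^[:space:]]' || true)
    [ "$count" -eq 1 ] || { echo "expected exactly one key line" >&2; return 4; }
    case $key in
        ssh-rsa\ *|ssh-dss\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "unrecognised key type" >&2; return 4 ;;
    esac

    # With StrictModes (the sshd default) authorized_keys is ignored when the
    # file or its directory is writable by group or others, so set modes here.
    mkdir -p "$home/.ssh" && chmod 700 "$home/.ssh" || return 5
    auth="$home/.ssh/authorized_keys"
    touch "$auth" && chmod 600 "$auth" || return 5

    # Append only if this exact line is not already present (safe to re-run).
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# Demo on a scratch directory with a constructed (not real) key line.
demo() {
    tmp=$(mktemp -d)
    echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructed me@imac' > "$tmp/id_rsa.pub"
    install_pubkey "$tmp/id_rsa.pub" "$tmp/home"
    install_pubkey "$tmp/id_rsa.pub" "$tmp/home"   # second run adds nothing
    wc -l < "$tmp/home/.ssh/authorized_keys"
    rm -rf "$tmp"
}
demo
```

On a real server the second argument would be your home directory, for example: install_pubkey id_rsa.pub "$HOME".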
One last thing: if you want a deeper understanding of encryption, decryption and public key cryptography, the book Cryptography Decrypted is an excellent resource.