Setting up password-less ssh

 

It's very convenient to be able to log in to a machine without having to use a password (particularly when using subversion to check out or commit code changes).  Here is one set of steps to do it.

On the client (the machine you want to log in from, e.g. your desktop), type "ssh-keygen", accept the default location for the keys, and just hit enter both times you're prompted to give a passphrase.

Now, open a window to the server (the machine you want to log in to, e.g. membrane).  Open the file ~/.ssh/authorized_keys in a text editor.  On the client, look at the file ~/.ssh/id_rsa.pub using either a text editor or less, and cut and paste the contents of this file into the authorized_keys file on the server.  Make sure you didn't introduce any line breaks in the process.  Save the file, and try logging in again -- you should get through without being prompted.

UPDATE: Fixing SELinux Issues

If the above didn't work, or you copied your .ssh files from another machine, there's the possibility that the "security context" of the files are wrong.  Try saying

ls -lZ ~/.ssh

If the context wasn't set right, you'll see something like 

[root@membrane .ssh]# ls -lZ .

total 16

-rwx------. 1 lsalas users unconfined_u:object_r:default_t:s0  419 Jul 17 18:14 authorized_keys

-rw-------. 1 lsalas users unconfined_u:object_r:default_t:s0 1679 Jul 17 18:15 id_rsa

-rw-r--r--. 1 lsalas users unconfined_u:object_r:default_t:s0  416 Jul 17 18:15 id_rsa.pub

-rw-r--r--. 1 lsalas users unconfined_u:object_r:default_t:s0  180 Jul 17 18:16 known_hosts

 

In this case, the solution is to change the context of the files.  

chcon -t ssh_home_t  ~/.ssh ~/.ssh/*

chcon -t sshd_key_t ~/.ssh/authorized_keys

Root permission may be necessary...