CS 326 Operating Systems

Setting up Passwordless ssh

It’s often useful to set up passwordless ssh when working with several servers in the department. This guide will walk you through setting up the keys on your local machine as well as the department machines.

Local Machine to USF CS

First, we need to be able to reach the CS network. If you can already run:

ssh cs-username@stargate.cs.usfca.edu

…and log in without entering a password, then you can move on to the next section.

# (1) On my local machine -- I already have a key pair, so I will 
# just reuse the existing one. Skip to step (3).
[matthew@silicon:~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/matthew/.ssh/id_rsa):
/Users/matthew/.ssh/id_rsa already exists.
Overwrite (y/n)? n

# (2) Assuming the key doesn't already exist, the output from
# ssh-keygen will look like the following. Just hit <enter> for
# each of the prompts to accept the defaults!
[matthew@silicon:~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/matthew/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/matthew/id_rsa.
Your public key has been saved in /Users/matthew/id_rsa.pub.
The key fingerprint is:
...
(fingerprint and randomart image display)
...

# (3) Now we need to copy our public key to the CS network.
[matthew@silicon:~]$ ssh-copy-id cs-username@stargate.cs.usfca.edu
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/matthew/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
mmalensek@stargate.cs.usfca.edus password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'mmalensek@stargate.cs.usfca.edu'"
and check to make sure that only the key(s) you wanted were added.

[matthew@silicon:~]$ ssh stargate.cs.usfca.edu
Last login: Wed Jan 23 22:00:31 2019 from 75.25.144.132
[stargate:~]$ # hooray! It didn't ask for a password.

Between Servers Within USF CS

The next thing we need to be able to do is jump between servers inside the CS network. If you can ssh gojira without typing your password, you can skip this step.

# Once again, the defaults (just hitting enter) are fine.
[mmalensek@stargate]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home4/mmalensek/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home4/mmalensek/.ssh/id_rsa
Your public key has been saved in /home4/mmalensek/.ssh/id_rsa.pub
The key fingerprint is:
...
(fingerprint and randomart image display)
...

[mmalensek@stargate]$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[mmalensek@stargate]$ chmod 700 ~/.ssh
[mmalensek@stargate]$ chmod 600 ~/.ssh/authorized_keys

Since our lab machines have shared home directories, you can now log into any of the machines in the department without a password.

Transferring Files

You can also use the scp utility to copy files to the department machines. The basic usage looks like:

scp local-file.txt mmalensek@stargate.cs.usfca.edu:

Don’t forget the trailing : character. This tells scp to store the file in your home directory. You can also specify a remote file name, or store in a particular folder/directory:

scp local-file.txt mmalensek@stargate.cs.usfca.edu:other-name.txt
scp local-file.txt mmalensek@stargate.cs.usfca.edu:my_great_dir/subdirectory/