Ssh – Specifying an IdentityFile with SSH

key-authenticationssh

I am trying to make a more streamlined means to establish an SSH client connection to a remote server. I have created a public/private keypair and used ssh-copy-id to install the public key onto the remote server.

However, it still was asking for the password unless I put in the path for the identity file with something like ssh -i ~/.ssh/mykey user@host. Should I have to type this to bypass the password with public key authentication?

To bypass this I used .bashrc and created an alias using this path. However, is this the way to do this? Or is it just a question of the server allowing the public key so I can just use the usual ssh user@host?

Best Answer

If you are able to successfully use keypair-authentication with ssh -i ~/.ssh/mykey user@host, you can easily automate this with your SSH client configuration.

For example, if you add this to your ~/.ssh/config file:

Host hostname
  User username
  IdentityFile ~/.ssh/mykey
  IdentitiesOnly yes # see comment in answer below

You can then simply ssh hostname, and your username and identity file settings will be handled by your config file and you're off to the races, as they say.

The IdentityFile directive (which the -i switch for ssh overrides) has a default setting which will look for ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519, and ~/.ssh/id_rsa; any other filenames for private keys must be specified in the config file or with -i on the command line.

If you add IdentityFile to your ssh config, you'll find that the client still sends the default key (see ssh -vv output). This can be problematic when using sites like github with multiple accounts. You'll need to include "IdentitiesOnly yes" if you want ssh to use only the key you've specified.

Best Answer

Related Solutions

Ssh – “Permanently added the RSA host key” what does it mean

Related Question