I am trying to make a more streamlined means to establish an SSH client connection to a remote server. I have created a public/private keypair and used ssh-copy-id
to install the public key onto the remote server.
However, it still was asking for the password unless I put in the path for the identity file with something like ssh -i ~/.ssh/mykey user@host
. Should I have to type this to bypass the password with public key authentication?
To bypass this I used .bashrc
and created an alias using this path. However, is this the way to do this? Or is it just a question of the server allowing the public key so I can just use the usual ssh user@host
?
Best Answer
If you are able to successfully use keypair-authentication with
ssh -i ~/.ssh/mykey user@host
, you can easily automate this with your SSH client configuration.For example, if you add this to your
~/.ssh/config
file:You can then simply
ssh hostname
, and your username and identity file settings will be handled by yourconfig
file and you're off to the races, as they say.The
IdentityFile
directive (which the-i
switch forssh
overrides) has a default setting which will look for~/.ssh/id_dsa
,~/.ssh/id_ecdsa
,~/.ssh/id_ed25519
, and~/.ssh/id_rsa
; any other filenames for private keys must be specified in theconfig
file or with-i
on the command line.If you add IdentityFile to your ssh config, you'll find that the client still sends the default key (see ssh -vv output). This can be problematic when using sites like github with multiple accounts. You'll need to include "IdentitiesOnly yes" if you want ssh to use only the key you've specified.