How To scp, ssh and rsync without prompting for password
By jkini on Oct 17, 2007
Whenever you need to use scpto copy files, it asks for passwords. Same with rsyncas it (by default) uses sshas well. Usually scpand rsynccommands are used to transfer or backup files between known hosts orby the same user on both the hosts. It can get really annoying thepassword is asked every time. I even had the idea of writing anexpect script toprovide the password. Of course, I didn't. Instead I browsed for asolution and found it after quite some time. There are already acouple of links out there which talk about it. I am adding to it...
Lets say you want to copy between two hosts host_srcandhost_dest.host_srcis the host where you would run the scp,sshorrsyncommand,irrespectiveof the direction of the file copy!
-
On host_src, run this command as the user that runsscp/ssh/rsync
$ ssh-keygen -t rsa
This will prompt for a passphrase. Just press the enter key. It'll then generate an identification (private key) and a public key. Do not ever share the private key with anyone!ssh-keygen shows where it saved the public key. This is by default~/.ssh/id_rsa.pub:
Your public key has been saved in <your_home_dir>/.ssh/id_rsa.pub
-
Transfer theid_rsa.pubfile tohost_destby eitherftp,scp,rsyncor any other method.
-
Onhost_dest, login as the remote user which you plan to use when you run scp,sshor rsyncon host_src.
-
Copy the contents ofid_rsa.pubto ~/.ssh/authorized_keys
$ cat id_rsa.pub >>~/.ssh/authorized_keys
$ chmod 700 ~/.ssh/authorized_keys
If this file does not exists, then the above command will create it. Make sure you remove permission for others to read this file. If its a public key, why prevent others from reading this file? Probably, the owner of the key has distributed it to a few trusted users and has not placed any additional security measures to check if its really a trusted user.
-
Note that ssh by default does not allow root to log in. This has to be explicitly enabled onhost_dest. This can be done by editing/etc/ssh/sshd_config and changing the option ofPermitRootLogin fromno toyes. Don't forget to restartsshd so that it reads the modified config file. Do this only if you want to use the root login.
Well, thats it. Now you can run scp,sshandrsynconhost_srcconnecting tohost_destand it won't prompt for the password.Note that this will still prompt for the password if you are runningthe commands on host_destconnecting tohost_src.You can reverse the steps above (generate the public key onhost_destand copy it tohost_src)and you have a two way setup ready!
reference:https://blogs.oracle.com/jkini/entry/how_to_scp_scp_and