PDA

View Full Version : Config SSH to remember my password



yinglcs
13th March 2007, 06:56 AM
Hi,

I often need to SSH to some servers in my environment.
Is it possible to configure SSH so that i remember my password after I type in the first time so that I don't need to retype it every time?
Thank you.

marcrblevins
13th March 2007, 07:00 AM
Eh? That is too risky.

If someone hack into that one PC that was set to remember all the password, you are OWNED.

I use this to store all my passwords on a thumbdrive.
http://passwordsafe.sourceforge.net/

pete_1967
13th March 2007, 09:54 AM
Go to your .ssh directory, type `ssh-add [private_key_name e.g. id_rsa]` and enter your password. It will be remembered as long as you are logged in to session.

If you are logging onto the machine that has used ssh-add to remember the password remotely, you still need to enter it every time (it only works on local sessions).

lazlow
13th March 2007, 10:48 AM
pete

Could he add something to his .bash_profile (or the one that runs every time you log in) to do your above solution?

Just a thought
Lazlow

pete_1967
13th March 2007, 12:16 PM
pete

Could he add something to his .bash_profile (or the one that runs every time you log in) to do your above solution?

Just a thought
Lazlow



if [[ -e $HOME/.loggedin ]]
then
rm -f $HOME/.loggedin
else
touch $HOME/.loggedin
ssh-agent sh -c 'ssh-add < /dev/null && bash'
fi


Should work (not tested). You still need to enter the password once.

Personally I don't see much benefit on that but all for their own...

Nipperspot
13th March 2007, 02:50 PM
FWIW... I always have used the following:

$ ssh-keygen -f ~/.ssh/identity -t rsa -P ""
$ chmod 600 ~/.ssh/identity*
$ scp ~/.ssh/identity.pub remote:/path/to/.ssh/authorized_keys2

Test your login:
$ ssh -i ~/.ssh/identity username@hostname

pete_1967
13th March 2007, 11:24 PM
FWIW... I always have used the following:

$ ssh-keygen -f ~/.ssh/identity -t rsa -P ""
$ chmod 600 ~/.ssh/identity*
$ scp ~/.ssh/identity.pub remote:/path/to/.ssh/authorized_keys2

Test your login:
$ ssh -i ~/.ssh/identity username@hostname

Using passwordless private key is about as useful and secure as not using keys at all.

Nipperspot
13th March 2007, 11:38 PM
Using passwordless private key is about as useful and secure as not using keys at all.

That is what I initially thought, but where I had been employed for years said this method is secure and best to use. Ironically, we all never signed off of our workstations and anyone could easily have logged on the servers. Entering a password is the best method of security.

pete_1967
13th March 2007, 11:59 PM
That is what I initially thought, but where I had been employed for years said this method is secure and best to use. Ironically, we all never signed off of our workstations and anyone could easily have logged on the servers.

And your network admins/ sysadmins actually got paid? What was the company, I think I'll apply to work for them :)

It's not only that you leave your system open at work, anyone logging on to your system remotely can access everywhere the key is used. Seriously, why they bothered telling people to use keys when same time they told you to throw away the lock?