I’ve been trying to get passwordless sftp going between two Unix machines so I can keep arch archives remotely, but I kept having problems. It turned out there are a couple of things happening, so I’m knocking together this quick tutorial to outline how I do it. Note that I use local$ to denote a shell prompt on a local machine and remote$ to do the same for the remote machine.

1. local$ ssh-keygen -t dsa
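2. local$ scp ~/.ssh/id_dsa.pub username@remote: – the trailing colon matters; without it scp only makes a local copy of the file named remote.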
3. local$ ssh username@remote
4. remote$ cat ~/id_dsa.pub >> ~/.ssh/authorized_keys
5. remote$ chmod 644 ~/.ssh/authorized_keys – this was one of the things that kept throwing me; ssh doesn’t like this file to be world or group writable.
6. remote$ exit
7. local$ ssh username@remote – Now, instead of the normal password, you should be asked for the passphrase you entered for your DSA key. This isn’t passwordless yet, but it shows that ssh is using the key.

At this point you can either use ssh-agent or keychain to manage your keys so you don’t need to type in passwords. Normally I would recommend keychain but I have been having problems with it recently so I will outline how to use ssh-agent.

1. local$ ssh-agent bash
2. local$ ssh-add ~/.ssh/id_dsa – you will be prompted for your key’s passphrase.
3. local$ ssh username@remote – you shouldn’t be asked for the passphrase again.
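
The permission problem from step 5 of the first list, as an added example that is not part of the original post: a POSIX shell function to run on the remote machine that flags the conditions under which sshd, with its default `StrictModes yes`, refuses to use authorized_keys (the home directory, ~/.ssh or the file itself being group or world writable, or owned by someone other than the account or root). The function name and output labels are assumptions of this example.

```sh
#!/bin/sh
# Added example: audit the paths sshd (StrictModes yes) inspects before it
# trusts ~/.ssh/authorized_keys. Function name and labels are this example's own.
# Usage: check_ssh_perms "$HOME"   -> returns 0 if clean, 1 if anything is flagged
check_ssh_perms() {
    home=${1:-$HOME}
    uid=$(id -u)
    bad=0
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "MISSING         $p"
            bad=1
            continue
        fi
        # ls -ldnL prints the mode string first and the numeric owner third;
        # -L follows a symlink so the real target is what gets judged.
        read -r mode _links owner _rest <<EOF
$(ls -ldnL -- "$p")
EOF
        # Character 6 of the mode string is group write, character 9 is world write.
        case "$mode" in
            ?????w*) echo "GROUP-WRITABLE  $p ($mode)"; bad=1 ;;
        esac
        case "$mode" in
            ????????w*) echo "WORLD-WRITABLE  $p ($mode)"; bad=1 ;;
        esac
        # The owner must be the account itself or root.
        if [ "$owner" != "$uid" ] && [ "$owner" != 0 ]; then
            echo "WRONG-OWNER     $p (uid $owner)"
            bad=1
        fi
    done
    return "$bad"
}
```

A flagged path is fixed with chmod go-w on that path; 644 on authorized_keys, as in step 5, already satisfies the check.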

http://blogs.translucentcode.org/mick/archives/000230.html