create ssh keys

  • ls -ld ~/.ssh
  • mkdir -m 700 ~/.ssh
  • cd ~/.ssh
  • ssh-keygen -b 2048 -t rsa -f id_rsa -P ""   # CentOS requires two double quotes; an empty -P creates the private key without a passphrase
  • chmod go-rwx ~/.ssh/id_rsa
  • scp id_rsa.pub username@remotemachine:~
  • ssh username@remotemachine "cat /Users/username/id_rsa.pub >> ~/.ssh/authorized_keys"
  • ssh username@remotemachine "rm /Users/username/id_rsa.pub"

https://help.apple.com/advancedserveradmin/mac/4.0/#/apd002AE571-2E56-409A-A1F9-A71736EE9040

ssh-agent

eval `ssh-agent -s`
ssh-add /root/.ssh/bhr.id_rsa
Enter passphrase for /root/.ssh/bhr.id_rsa:
Identity added: /root/.ssh/bhr.id_rsa (/root/.ssh/bhr.id_rsa) 

ssh hha720

automatically start ssh-agent

Add the following to .bashrc; the passphrase then has to be entered at every login.

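# Start a per-login ssh-agent and load the key, unless an agent is already
# reachable through SSH_AUTH_SOCK.
#
# Restricted to interactive shells: bash can also read .bashrc for
# non-interactive sessions started by sshd (scp, rsync, remote commands).
# There the "Agent pid" line goes into the data stream, ssh-add has no
# terminal to prompt on, and each such session would leave an agent behind.
case $- in
  *i*)
    if [ -z "${SSH_AUTH_SOCK:-}" ]; then
      # ssh-agent -s prints Bourne-shell commands that export
      # SSH_AUTH_SOCK and SSH_AGENT_PID; eval applies them to this shell.
      eval "$(ssh-agent -s)"
      # Prompts for the passphrase; the unlocked key then stays in the
      # agent, usable by anything that can reach its socket.
      ssh-add /root/.ssh/bhr.id_rsa
    fi
    ;;
esac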

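To enter the passphrase only at the first login after a reboot, install keychain. The RPM below is downloaded over plain HTTP, so verify its signature (for example with rpm -K) before installing it: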

  1. wget http://pkgs.repoforge.org/keychain/keychain-2.7.0-1.el6.rf.noarch.rpm
  2. rpm -i keychain-2.7.0-1.el6.rf.noarch.rpm

vi /root/.bashrc

# ssh agent: launch one only when this shell has no agent socket yet.
# NOTE(review): keychain starts or reuses an agent on its own, so this
# guard may be redundant - confirm before dropping it.
if [[ -z "$SSH_AUTH_SOCK" ]]; then
  eval "$(ssh-agent -s)"
fi

# start keychain: it asks for the passphrase once and keeps the key loaded
# across logins, so the unlocked key stays usable by this account until the
# agent is stopped or the machine reboots.
/usr/bin/keychain ~/.ssh/bhr.id_rsa
# Pull the agent variables that keychain wrote for this host into the shell.
. ~/.keychain/"${HOSTNAME}"-sh >/dev/null

http://unix.stackexchange.com/questions/90853/how-can-i-run-ssh-add-automatically-without-password-prompt

configure ssh

vi ~/.ssh/config

# Defaults applied to every host.
Host *
 # Probe the server every 60 s and drop the connection after 30 unanswered
 # probes (roughly 30 minutes without a reply).
 ServerAliveInterval 60
 ServerAliveCountMax 30
 # Do not expose the local agent to remote hosts: whoever controls the
 # remote account (or root there) could use a forwarded agent.
 ForwardAgent no
 ForwardX11 no
 # Only takes effect when X11 forwarding is switched on (e.g. ssh -X);
 # "yes" then gives remote X clients full access to the local display.
 # NOTE(review): consider "no" unless trusted forwarding is really needed.
 ForwardX11Trusted yes

# Gateway host, addressed by IP. Logs in directly as root with the bhr key.
Host hha
 HostName 10.1.1.1
 Port 22
 User root
 IdentityFile /root/.ssh/bhr.id_rsa

# Reached through hha rather than directly.
Host hha720
HostName hha720
Port 22
User wasadmin
IdentityFile /root/.ssh/bhr.id_rsa
# Opens the connection by running nc on hha as root; %h and %p are the
# HostName and Port above. stderr of that inner ssh is discarded, which
# also hides its warnings and errors.
ProxyCommand  ssh root@hha nc %h %p 2> /dev/null
# Local ports 11009 and 13020 are tunnelled to the same ports on the
# loopback interface of hha720.
LocalForward 11009 127.0.0.1:11009
LocalForward 13020 127.0.0.1:13020