SSH from Windows to Linux without entering a password

Question

I am trying to use ssh/scp from Windows to Linux without having to enter a password.

This is what I have done, and it doesn't seem to work:

• generated public and private keys using Putty Key Generator (on Windows)
• saved the files as id_rsa.pub and id_rsa
• copied them into ~/.ssh
• added id_rsa.pub to the Linux box in ~/.ssh/authorized_keys
• I then try to ssh to the Linux box from Windows and I still have to enter a password

Am I missing something?

Answer 1

I used this:

c:\> type c:\users\my_name\.ssh\id_rsa.pub | ssh root@172.110.1.171 "cat >> ~/.ssh/authorized_keys"

Answer 2

You have to run an authentication agent on Windows.

For example, Pageant, used in combination with PuTTY (graphical SSH client) or Plink (its command line equivalent).

You'll need to tell Pageant your SSH server's public key. After that it will deal with your server's authentication requests while running in the background.

Answer 3

You need Pageant.

See the video Password-less login with PuTTY and Pageant. And/or the blog post Howto: Passwordless SSH authentication with PuTTY.

Answer 4

Try Plink (part of PuTTY)

 plink -v youruser@yourhost.com -pw yourpw "some linux command"

Answer 5

Setting up SSH key authentication can be a bit tricky. It sounds like you're covering all your bases. One thing that often catches people off guard - you need to make sure the .ssh directory and its contents are owned by you and are read/writeably only by you.

Make sure to run this (on all your .ssh directories):

chmod -R 700 on ~/.ssh

If that doesn't work, turn on verbose logging by adding -v to your ssh command (you can add up to three -vss for more verbosity).

Answer 6

git for Windows installs the cross-platform ssh tools you need:

• ssh-keygen
• ssh-copy-id.

Depending your preference of bash or PowerShell,

Either do this from the git-installed bash shell:

#By default this puts keyfile pair in ~/.ssh/id_rsa & ~/.ssh/id_rsa.pub :
ssh-keygen.exe -t rsa -b 2048 
ssh-copy-id -i ~/.ssh/id_rsa.pub  $remoteuser@$remotehost
These two chmod lines are needed on unix platforms, probably not on Windows.
typically ssh refuses to use a private key file
if it is less-well protected than this:
chmod 700 ~/.ssh
chmod 640 ~/.ssh/id_rsa

Or run this script in PowerShell:

Param(
  [Parameter()][string]$keyfile="id_rsa",
  [Parameter()][string]$remotehost,
  [Parameter()][string]$remoteuser
  )
write-host "# ---------------------------------------------------------------------------------#"
write-host "# Create an RSA public/private key pair, and copy the public key to remote server  #"
write-host "#                                                                                  #"
write-host "# https://superuser.com/questions/96051                                            #"
write-host "#         ssh-from-windows-to-linux-without-entering-a-password/1194805#1194805    #"
write-host "#                                                                                  #"
write-host "# ---------------------------------------------------------------------------------#"
write-host "Keyfile pair will be saved at : ~/.ssh/$keyfile, ~/.ssh/$keyfile.pub"
write-host "And copied to $remoteuser@$remotehost"
write-host ""
write-host "You will need a password for the copy operation."
write-host ""
if( -not $(ls ~/.ssh) ) { mkdir ~/.ssh }
$sshdir=$(get-item ~/.ssh/).Fullname
#By default this puts keyfile pair in ~/.ssh/id_rsa & ~/.ssh/id_rsa.pub :
ssh-keygen.exe -t rsa -b 2048 -f "$sshdir$keyfile"
ssh-copy-id somehow didn't work in Powershell so I called it via bash
bash -c "ssh-copy-id -i ~/.ssh/$keyfile.pub $remoteuser@$remotehost"
I'm not sure if these two chmod lines work on windows but
typically ssh refuses to use a private key file
if it is less-well protected than this:
chmod.exe 700 $sshdir
chmod.exe 640 "$sshdir$keyfile"

After this, passwordless login should work for both ssh and scp.

Answer 7

You may also need to change permissions on your home directory:

chmod 755 ~

Answer 8

I'm assuming your keys are not password protected, and what you're getting is not a request for your key's password.

~/.ssh isn't used by putty on the windows side, and putty doesn't have a default private key setting. If you're using a command line ssh client such as cygwin, creating a .ssh directory off of your home would work. From putty, you'll need to configure and save a session.

From the putty configuration dialog, look at connection -> data, and fill in the auto-login username field. Then go to connection -> ssh -> auth, and set your private key correctly. Then go back to the session dialog, and save this session. You can also set the hostname if you'd like.

Once you have a saved session, you can use 'putty -load "savedsession"'.

Answer 9

I was able to do this exactly from Windows 7 by using the -i option for supplying an identity private key:

ssh -i X:\win-path\to\private-key remoteuser@remote.host.com

except that on the remote host, my authorized keys are in /etc/ssh/authorized_keys/remoteuser and in /etc/ssh/sshd_config, I changed

#AuthorizedKeysFile     .ssh/authorized_keys
AuthorizedKeysFile      /etc/ssh/authorized_keys/%u

but I don't know if the SSH remote config should matter.