To log into a system with your current username, just call
georg@erde:~$ ssh sonne Passwort: *********** georg@sonne~$
Note: the password will not be displayed (not even stars).
If you have a different account on the other system, prepend your
user name like in an e-mail address:
With the command line option
-X (upper case X),
the X11 session will be forwarded over the SSH connection.
When starting a program with GUI,
it will be displayed on your local screen and your input
will be redirected to the programm running on the remote machine.
Using password-less login
SSH can create a pair of public and private keys to log into systems without everytime entering the password. Additionally, this comes handy for scripts where you would never put your password in.
First, create a key pair:
It will ask for a name where to store the key files
and for a passphrase.
The phrase should be taken literally: this will be your
master key, don't just provide 8 characters (on none).
I will show how to use the
ssh-agent, so this passphrase
will only be entered once after login.
man ssh-keygen for more options.
Distributing the public key
The private key must be kept secret.
By default, it is stored in the hidden directory
in the file
and only readable for the user.
(SSH will reject using it if the file is readable for more than the owner.)
The public key has the extension .pub (
To be accepted, it must be appended to the file
If your home directories are synchronized (e.g. via NFS),
just append it to the local file:
~$ cd .ssh .ssh$ cat id_rsa.pub >> authorized_keys
Otherwise, the public key must be copied to the remote machine.
ssh-copy-id helps: just call it with the hostname
(or name@hostname, if the account is named differently):
georg@erde~$ ssh-copy-id mond Password: *********** Now try loggin into the machine... georg@erde~$ ssh mond georg@mond~$
Using the SSH-Agent to avoid the passphrase
If you're following the steps above, so far, you have only replaced the (probably 8 character) password with a (according to my suggestion much longer) passphrase. But as promised, there's help:
$ ssh-agent $ ssh-add Passphrase: ************************* $ ssh sonne
The first line starts the SSH-Agent in the background.
ssh-add registers your private keys with the agent.
It will ask for the passphrase.
From now on, every subsequent SSH will use the password-less
(and passphrase-less) login.
If your public key is not on the target system,
SSH falls back to asking for the password.
With the command line option
you can even forward the agent to a remote machine
and then login from there to the next machine
without entering a password (of -phrase) again.
More configuration for more convenience
SSH can be configured with the file
Some global settings are:
ForwardAgent yes ForwardX11 yes
These settings globally activate the command line options
Settings for specific target machines can be given:
Host work User gw Hostname mymachine.example.com
This would set an alias