Use ssh to run scripts on remote servers without entering a password.

Create your ssh key

---

ssh-keygen -b 4096 -t rsa -f ~/.ssh/keyname.rsa

---

will produce a keypair. The .rsa file will be the private and the .rsa.pub is the one that goes into authorized_keys on the remote server. If you don’t enter a password the key can be used with no user interaction. Do this when you need script operations on a remote server.

Load a key

---

ssh-add keyname

---

Upload your ssh key to a server

---

ssh-copy-id -i keyname.rsa.pub username@remotehost

---

Carry your key with your ssh session

if you need to carry your key somewhere, for instance if you will be chaining through to a host WITHIN the network of your remotehost and there is no direct ssh port forwarded to that host.

---

ssh -v username@remote -A

---

using -v (verbose) can help diagnose connectivity issues

Display the ssh keys you have loaded

---

ssh-add -l

---

if you forgot to carry a key or you need to add a local key you will get the error:

---

ssh-add -l
Could not open a connection to your authentication agent.

---

in this case use

---

ssh-agent bash
ssh-add keyname

---

Using alternative ports

Sometimes your remote host is running ssh on another port since 22 on that IP is already used. To reduce brute force attacks on the standard ssh port you can also use alternative ports by setting up the listening port in sshd_config on the server.

Use the -p flag to specify:

---

ssh -p 41843 user@remotehost

---

You can use an -i flag to specify a key to use (always needed in bash scripting for using ssh password-less)

---

ssh -p 41843 -i ~/.ssh/keyfile.rsa user@remotehost

---

If you manage many servers you may want to use ~/.ssh/config to alias the connections.

---

vim ~/.ssh/config
Host remotehost
IdentityFile ~/.ssh/keyname.rsa
Port 41843
ServerAliveInterval 240

---

In the case above you can simply use ssh user@remotehost to get in using keyfile.rsa on port 41843