Use ssh to run scripts on remote servers without entering a password.
Create your ssh key
ssh-keygen -b 4096 -t rsa -f ~/.ssh/keyname.rsa
will produce a keypair. The .rsa file is the private key and the .rsa.pub file is the public key that goes into authorized_keys on the remote server. If you don't enter a passphrase, the key can be used with no user interaction. Do this when you need script operations on a remote server.
Load a key
ssh-add ~/.ssh/keyname.rsa
Upload your ssh key to a server
ssh-copy-id -i ~/.ssh/keyname.rsa.pub username@remotehost
Carry your key with your ssh session
If you need to carry your key with you, for instance when chaining through to a host WITHIN the network of your remotehost that has no ssh port forwarded to it directly, forward your agent with -A:
ssh -v username@remote -A
Using -v (verbose) can help diagnose connectivity issues.
Display the ssh keys you have loaded
ssh-add -l
If you forgot to carry a key or you need to add a local key, and no agent is running in your shell, you will get the error:
ssh-add -l
Could not open a connection to your authentication agent.
In this case, start an agent in a new shell and load the key:
ssh-agent bash
ssh-add ~/.ssh/keyname.rsa
Using alternative ports
Sometimes your remote host is running ssh on another port since 22 on that IP is already used. To reduce brute force attacks on the standard ssh port you can also use alternative ports by setting up the listening port in sshd_config on the server.
Use the -p flag to specify the port:
ssh -p 41843 user@remotehost
You can use the -i flag to specify which key to use (always needed in bash scripts that use ssh without a password):
ssh -p 41843 -i ~/.ssh/keyname.rsa user@remotehost
If you manage many servers you may want to use ~/.ssh/config to alias the connections.
vim ~/.ssh/config
Host remotehost
    IdentityFile ~/.ssh/keyname.rsa
    Port 41843
    ServerAliveInterval 240
In the case above you can simply use ssh user@remotehost to get in using keyname.rsa on port 41843.