“Silky Smooth Hopping” is a term coined by Paul Irish at the HTML5DevConf held by marakana on November 5th, 2012. It’s a way to login via ssh painlessly and with ease. You’ll need to know what the Terminal is before you begin, and have some knowledge of basic commands (e.g. listing directories, viewing file contents, etcetera). You’ll also need to know how to create a public ssh key with a service such as Github. What we’re gonna do is really not that difficult –and honestly, I’m no Terminal whiz either so I’ll make sure to hold your hand every step of the way.
Workflow and workspace setup can be one of those things easily forgotten and often under–estimated in its value. I’ve never been too crazy when it comes to my workflow, but over time I’ve grown to appreciate its effectiveness.
What is ssh and what does it do?
Secure Shell (a cryptographic network protocol for secure data communication, remote shell services or command execution and other secure network services between two networked computers that connects, via a secure channel over an insecure network, a server and a client (running ssh server and ssh client programs, respectively). The protocol specification distinguishes two major versions that are referred to as ssh–1 and ssh–2.
– wikipedia
ssh also lets you run terminal commands on another computer out on the internet, like your personal server. That means you could set up version control on your remote server and pull in your changes from the working repo and correlating branch with a service like Github.
The Silky Smooth Setup
Usually when we ssh into a remote server we’ll start by typing out ssh
followed by a unique username which will be something like “myname@myhostname.com
.” It will look like this in the Terminal:
$ ssh myname@myhostname.com
Password:
Notice that it’s requesting a password. Ugh! That’s really annoying, but we can clean this step up and create a silky experience for ourselves. First order of business is to set up a config
file in the ~/.ssh
directory of your local machine, that contains these lines from the example below:
Host $custom_name
HostName $custom_host_name
Port $custom_port_number
User $custom_username

.ssh
config fileYou should replace the variables prefixed with a dollar sign with your own values particular to your project. In my case $custom_name
is ‘mt’ so my config
contents looks like this…
Host mt
HostName myhost.com
Port 22
User myhost.com
This configuration will let me do the following from my shell…
$ ssh mt
This is cool, but we’re still asked for a password once that command is executed. Let’s go ahead and get rid of that annoying password request by copying the contents of id_rsa.pub
from your local machine’s .ssh
directory using the following command (I should also note that pb
commands are Mac OS X specific).
cat ~/.ssh/id_rsa.pub | pbcopy
This will copy the contents of the public ssh key you’ve created with github / repo service to your local machine’s clipboard. Now all you need to do is create a file called authorized_keys
and paste the contents into your authorized_keys
file on your remote server. If you’re using MediaTemple then you can’t use pb
commands like pbpaste
as they are OS X specific as previously mentioned, so I suggest using ftp and gaining access that way –unless you’re good with Vim. For me ftp was quick and painless –did I mention extremely quick?

authorized_keys
file on your remote serverSo now you’ll have a file called authorized_keys
in the .ssh
directory of your remote server. This will remove that annoying password request each time you ssh into your remote server. So in my case, I can execute ssh mt
and gain immediate access. No password, no entering annoying email usernames, just quick and painless ssh hopping. It’s a small adjustment, but an adjustment that will make you smile from ear to ear and wonder why you lived without it for so long.
pbcopy? ftp ?
duh:
So you’re suggesting to use this bash command to paste the SSH public key contents to your remote file? Do we need the [user@]machine portion as well? Explaining this is more helpful than a simple ‘duh.’
Example
Sweet!
Took roughly about 2 mins to set up.
Rock on!
Thanks Jake \m/
Nice blogpost. It comes in very handy!
You got that right 😉 A huge time saver. Also works well for Windows using Git Bash.
This is gonna save me like 10 minutes a day, every day. Thanks so much.
You’re welcome Jeffrey! I couldn’t agree with you more on the time saving benefits.
great article! here is the version of the command used to copy the id_rsa.pub file content, regardless of what system you are using…
as in the article above, replace the value of $host with your hostname as set up in the beginning of the article. awesome workflow!!!
Thanks for the great tip TJ! I knew there had to be another way around that.
Instead of copying the public key to the clipboard and then editing
authorized_keys
manually and pasting it back in, consider usingssh-copy-id mt
. This will automagically copy your public key file, append it toauthorized_keys
and set the right permissions on the file so that SSH will use it (it can be picky if the file is too accessible to other users). If you used a non-default identity name, you can use the-i
option to select that identity to be copied, rather than the default.Could you describe the steps in greater detail? If I run
within my remote
.ssh
directory I get this warning:I also get this warning locally.
ssh-copy-id
is perfect for this, but unfortunately not included in Mac OS X.Both errors are a result of
1. your remote box not having any need to copy its own key
2. your local machine not being able to execute the command (assuming you’re on a mac)
So try as you may – no cigar…Thats why I posted the system agnostic command instead…Hope this helps.
If the screenshot shows the remote
~/.ssh
folder then it’s unwise to show a private key as being on there too. There could be legitimate reasons for it, but as this is a good beginners guide, it’s best to avoid the ambiguity or people might be tempted to upload the contents of their local.ssh
to the server.The idea is that you keep your private key on your local machine, and just your public key, pasted into a
~/.ssh/authorized_keys
file on all the remote machines you want silky smooth access too.If you start storing copies of your house keys at local motels, you increase your chance of getting burgled. Same goes with private SSH keys and shared hosting.
Thanks for the tip olizilla! Just to be clear, you’re saying to remove the
id_rsa
files completely and just use theauthorized_keys
file on your remote server?Yes.
More generally: Never, ever, ever, let the id_[rsa|dsa|woteva] file get out into the wild. It is your private key.
The trade off for not needing to remember a password is you now need to keep a file safe from being copied on a interconnected-machiniverse that is really good at making perfect copies of things and transporting them to other people, really fast.
If you cannot be 100% sure that no-one else has ever had access to the private key then you need to go burn the authorized_keys files on all the remote machines it’s been used on (or carefully delete that key from the list in the file if there are more than one). Then delete the now compromised keys, give yourself a good talking to, and start again.
For completeness, the id_[rsa|dsa|woteva].pub file is your public key, and for as long as you keep the private one safe, you can freely smoosh that around the internet if you like, though, as with all matters of security, it’s better to keep the whole thing quiet.
As for these other ruffians, TJ’s suggested command is the most platform agnostic of the bunch, and worth taking the time to understand, but it it’s the most likely fail in a hard to diagnose way if mistyped.
Gijs’ suggestion is good, but, yes, OSX lacks a lot of helpful tools. If you’re interested in learning more text-foo then it’s worth jumping through the hurdles to install homebrew – http://mxcl.github.com/homebrew/
…The App Store of the command line. Once installed, you can use it to add missing tools like so:
To make SSH configuration for Github easy, secure and optimized, I created a tool: github-keygen.
Very neat. From what I can interpret from your README the tool is primarily for Github SSH keys and unrelated to placing SSH keys on a remote server? Thanks for sharing.