
Configuring ssh public key authentication login

November 23, 2019 ⁄ General

http://linux-tips.org/article/33/passwordless-ssh-setup

 

Passwordless ssh setup

To use passwordless ssh login, use the public key authentication mechanism. The remote server must be configured to allow public key authentication (it is enabled by default), and you need an ssh public/private key pair with the public key stored in a special file on the remote side: ~remote-user/.ssh/authorized_keys

Remote server setup: Check that the following lines exist and are uncommented in /etc/ssh/sshd_config. If they are not, add them and restart the ssh server on the remote side:

RSAAuthentication yes
PubkeyAuthentication yes

Local setup: Generate a public/private key pair of your own if you have not generated one before:

ssh-keygen -t rsa

You can accept the defaults by hitting Enter a few times. After that, your public key will be in the ~/.ssh/id_rsa.pub file, and you must add this file's contents to the ~remote-user/.ssh/authorized_keys file. You can use scp to copy id_rsa.pub to the remote side and then append its contents to the authorized_keys file there.

This is a trivial process, and there is a utility script called ssh-copy-id that performs this copy-and-append task:

ssh-copy-id remote-user@remote-host

Now you can log in without entering a password.

 

http://linux-tips.org/article/60/disabling-ssh-password-authentication

Disabling ssh password authentication

Brute force password guessing attacks are commonly run against ssh servers. You can use iptables to allow only known IP addresses to connect to the ssh port, but sometimes that is not the best way; you may want to log in from anywhere.

 

To stay reachable from anywhere while protecting the system against brute force attacks, you can disable password-based authentication in ssh and continue to connect with public key authentication (see also: Passwordless ssh setup). To do this, change or add the following line in /etc/ssh/sshd_config and restart the ssh server:

PasswordAuthentication no
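
Before restarting the ssh server with passwords disabled, it is worth confirming that the file really leaves key login on and password login off. The script below is an added example, not part of the original articles: the function names sshd_value and audit_sshd_config and the sample file are made up for illustration, and the fallback values assume the upstream OpenSSH defaults (both settings default to yes).

```shell
#!/bin/sh
# sshd_value FILE KEYWORD DEFAULT
# Prints the global value sshd would use for KEYWORD: keywords are
# case-insensitive, the first occurrence wins, and lines after the first
# "Match" are conditional. DEFAULT is printed when the keyword is unset.
sshd_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        { sub(/^[ \t]+/, "") }                         # strip indentation
        /^#/ || /^$/ { next }                          # comments, blank lines
        {
            kw = $0; sub(/[ \t=].*$/, "", kw)          # text before blank or "="
            val = substr($0, length(kw) + 1)
            sub(/^[ \t]*=?[ \t]*/, "", val)            # drop the separator
            sub(/[ \t].*$/, "", val)                   # keep the first argument
        }
        tolower(kw) == "match" { exit }
        tolower(kw) == key { print tolower(val); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# audit_sshd_config FILE -> prints one verdict word
audit_sshd_config() {
    pubkey=$(sshd_value "$1" PubkeyAuthentication yes)    # assumed default: yes
    passwd=$(sshd_value "$1" PasswordAuthentication yes)  # assumed default: yes
    if [ "$passwd" != no ]; then
        echo password-enabled      # password guessing is still possible
    elif [ "$pubkey" != yes ]; then
        echo lockout-risk          # passwords are off, but so is key login
    else
        echo key-only
    fi
}

# Constructed sample: the commented line is ignored, the first
# PasswordAuthentication line wins, and the Match block is not global.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PasswordAuthentication yes
PubkeyAuthentication yes
passwordauthentication no
PasswordAuthentication yes
Match User backup
    PasswordAuthentication yes
EOF
audit_sshd_config "$sample"
rm -f "$sample"
```

On a live server, sshd -T prints the effective configuration, including anything pulled in through Include files, which this parser does not follow.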

 
