Quite generally, you should have ONE personal cryptographic key pair for various work-related purposes. It normally resides in directory .ssh, and has the names
~/.ssh/id_rsa # private key ~/.ssh/id_rsa.pub # public key
If this is not the case, then do the following (using your mail address):
$ mkdir ~/.ssh $ ssh-keygen -C "firstname.lastname@example.org"
When prompted for a passphrase, please choose a strong one
On success, directory .ssh will be populated with aforesaid files.
Never communicate the private key to anybody else. You may however share it between different accounts you own personally. In this case, you should maintain identical contents in the .ssh directories, and copy id_rsa.pub to a file authorized_keys to allow mutual login.
Before using ssh, execute the command
It will prompt for passphrase, and keep you authenticated until you log out.
The daemon ssh-agent can store the authentication across sessions. On self-administered systems, install package keychain. On CentOS-6, it is integrated in the window manager (pop-up window “Unlock private key”). On CentOS-5, you could install a script.
Password-less login to a group account must be asymmetric: from your personal account, you will have simplified access to a group account, not the other way round.
Under the group account, create a directory .ssh. Do not generate a key pair. Remote copy
file .ssh/id_rsa.pub from your private account to file .ssh/authorized_keys on the group account.
If your colleagues were faster, then that file already exists. In this case, you have to append your id_rsa.pub:
$ cd .ssh $ scp your_account@your_computer:.ssh/id_rsa.pub . $ mv authorized_keys tmp $ cat tmp id_rsa.pub > authorized_keys $ rm tmp id_rsa.pub
That's it. Now you will be able to access the group account from your private account without need to enter a password for each single login (ssh), remote command (ssh with command argument), copy (scp), and synchronization (rsync, unison).