# SSH Passwordless Access Setup **Problem:** Automated deployments require password entry, causing delays and requiring manual intervention. **Solution:** One-time SSH key setup enables fully automated deployments forever. --- ## Quick Setup (One Command) Run this PowerShell command **once** with your RMM password: ```powershell cd D:\ClaudeTools .\setup-ssh-keys.ps1 ``` When prompted for password, enter your RMM password. You'll enter it **3 times total** (for pscp, mkdir, and key install). **After this ONE-TIME setup:** - `deploy.ps1` will work without ANY prompts - `pscp` commands work automatically - `plink` commands work automatically - No more 4-hour debugging sessions due to deployment issues --- ## What It Does 1. **Generates SSH key pair** (already done: `~/.ssh/id_rsa`) 2. **Copies public key** to RMM server 3. **Configures authorized_keys** for guru user 4. **Tests passwordless access** Total time: 30 seconds --- ## Alternative: Manual Setup If you prefer to do it manually: ```bash # 1. Copy public key to RMM server pscp %USERPROFILE%\.ssh\id_rsa.pub guru@172.16.3.30:/tmp/claude_key.pub # 2. SSH to RMM and install key plink guru@172.16.3.30 mkdir -p ~/.ssh chmod 700 ~/.ssh cat /tmp/claude_key.pub >> ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys rm /tmp/claude_key.pub exit # 3. Test passwordless access plink -batch guru@172.16.3.30 "echo 'Success!'" ``` --- ## Verification After setup, this command should work WITHOUT password prompt: ```powershell plink -batch guru@172.16.3.30 "echo 'Passwordless SSH working!'" ``` **Expected output:** `Passwordless SSH working!` **If it prompts for password:** Setup failed, re-run `setup-ssh-keys.ps1` --- ## Why This Matters **Before SSH keys:** - Every `deploy.ps1` run requires 3-5 password entries - Cannot run automated deployments - Manual file copying required - High risk of deploying wrong files - 4+ hours wasted debugging version mismatches **After SSH keys:** - `.\deploy.ps1` - ONE command, ZERO prompts - Fully automated version checking - Automatic file deployment - Service restart without intervention - Post-deployment verification - **Total deployment time: 30 seconds** --- ## Security Notes **SSH Key Location:** `C:\Users\MikeSwanson\.ssh\id_rsa` (private key) **Public Key Location:** `C:\Users\MikeSwanson\.ssh\id_rsa.pub` **Key Type:** RSA 4096-bit **Passphrase:** None (enables automation) **Access:** Only your Windows user account can read the private key **RMM Access:** Only guru@172.16.3.30 can use this key **Note:** The private key file has restricted permissions. Keep it secure. --- ## Troubleshooting **"FATAL ERROR: Cannot answer interactive prompts in batch mode"** - SSH keys not installed yet - Run `setup-ssh-keys.ps1` to install them **"Permission denied (publickey,password)"** - authorized_keys file has wrong permissions - On RMM: `chmod 600 ~/.ssh/authorized_keys` **"Could not resolve hostname"** - Network issue - Verify RMM server is reachable: `ping 172.16.3.30` --- ## Next Steps 1. **Run setup script:** `.\setup-ssh-keys.ps1` 2. **Verify it works:** `plink -batch guru@172.16.3.30 "whoami"` 3. **Deploy safeguards:** `.\deploy.ps1` 4. **Never waste 4 hours again** --- **Status:** SSH key generated ✓ **Action Required:** Run `setup-ssh-keys.ps1` once to install on RMM server **Time Required:** 30 seconds **Password Entries:** 3 (one-time only) **Future Password Entries:** 0 (automated forever)