I spend pretty much all day connected to remote machines via ssh. It's key to my work and losing that connection for any reason is a big productivity vacuum. Lately I've been having some connection problems, which has prompted me to streamline how I connect to my remote machines. ssh-agent and screen are great tools for improving my connectivity productivity. I'll talk about ssh-agent in this post, and screen in the next one.

ssh-agent enables almost-password-free* logins to your remote machines. This is accomplished via SSH keys. You basically generate an encryption key pair on your local machine and then copy your public key out to each user on each remote machine. ssh-agent runs in the background on your local machine. You add your identity to the ssh-agent and supply a passphrase. As long as you keep your session (X session/login session) open and ssh-agent running, you won't need to enter a password when ssh'ing to a remote machine. This can significantly reduce your password typing during a day. Here's how I set it up:

$ssh-keygen -t rsa

Enter a passphrase when asked and remember it. Two key files are generated: your private key and your public key.

#key files generated on your local machine:
/home/username/.ssh/id_rsa
/home/username/.ssh/id_rsa.pub

You will need to copy the contents of your public key file (id_rsa.pub) to each remote user's authorized_keys file. If this file doesn't exist, create it.

#on each remote machine, copy your public key into this file:
/home/username/.ssh/authorized_keys

Now make sure that ssh-agent is running on your local machine. You want to run ssh-agent for your login or X session. I'm using Gnome and GDM on Gentoo, and ssh-agent is already setup for each session. If you need to add it manually, see this page: http://www.phy.bnl.gov/computing/gateway/ssh-agent.html

Now add your ID to the running ssh-agent:

$ssh-add
Enter passphrase for /home/username/.ssh/id_rsa:
Identity added: /home/username/.ssh/id_rsa (/home/username/.ssh/id_rsa)

You can now SSH into your remote machines without having to enter a password. Try it!

*So, the only password you must enter is the passphrase for the identity you've created for ssh-agent. You will need to re-add this identity everytime ssh-agent is restarted (e.g., when you close your session).

In order to further streamline the password-entering, this script checks whether or not the ID has already been added and runs ssh-add if not:

#!/bin/sh
# ~/bin/ssh-id-check
# If no ID has been added to ssh-agent, then run ssh-add.
if [ -n "`ssh-add -l | grep has\ no\ identities`" ]; then
ssh-add
fi

Then, each of my SSH connections gets its own launch script that looks like this:

#!/bin/bash
# ~/bin/sv1
ssh-id-check
ssh user@remotemachine.com

I got the ID-checking script from here:
http://forums.gentoo.org/viewtopic-t-407440.html

Also read my post about how I use GNU screen.