I. SSH Passwordless Login — Key-Based Authentication
spiedie.binghamton.edu) from Mac/Windows/Linux without entering a password, and to make VS Code Remote-SSH connections more stable. This is achieved by replacing password-based authentication with public/private key authentication (公钥/私钥认证).
1. Core Concept: How SSH Passwordless Login Works
SSH “passwordless login” does not skip identity verification — it replaces password-based authentication with key-based authentication.
1) Two Key Files
-
Private Key (私钥): stored on your local machine Example:
~/.ssh/id_ed25519Must never be leaked or shared -
Public Key (公钥): can be sent to the server Example:
~/.ssh/id_ed25519.pubSafe to share openly / copy to servers
2) How Does the Server Remember You?
The server stores your public key in:
~/.ssh/authorized_keysOnce added, the server will allow anyone who holds the corresponding private key to log in.
3) What Happens During Authentication (Simplified Flow)
- You initiate a connection:
ssh user@host - The server looks up your public key in
authorized_keys - The server sends a random challenge
- Your machine signs the challenge using your private key (the private key never leaves your machine)
- The server verifies the signature using your public key
- Verification passes → Login succeeds (no password prompt)
2. Step-by-Step Setup
The following examples use:
- Username:
xli49 - Host:
spiedie.binghamton.edu
1) Step 1: Generate an SSH Key on Your Local Machine
Check whether a key already exists:
ls ~/.ssh/id_ed25519 ~/.ssh/id_rsa 2>/dev/nullIf not, generate one (ed25519 recommended):
ssh-keygen -t ed25519 -C "xli49@spiedie.binghamton.edu"ssh-agent.2) Step 2: Copy the Public Key to the Server
✅ Recommended (when ssh-copy-id is available):
ssh-copy-id xli49@spiedie.binghamton.eduEnter your password once — that’s the last time.
Manual Method (if ssh-copy-id is not available)
cat ~/.ssh/id_ed25519.pub | ssh xli49@spiedie.binghamton.edu \"mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys"3) Step 3: Test the Passwordless Login
ssh xli49@spiedie.binghamton.edu✅ If no password prompt appears → setup successful.
3. Configuring ~/.ssh/config (Recommended)
Edit the config file:
nano ~/.ssh/configRecommended configuration (using the full hostname as the Host):
Host spiedie.binghamton.edu HostName spiedie.binghamton.edu User xli49 ServerAliveInterval 300 ServerAliveCountMax 120After saving, connect with just:
ssh spiedie.binghamton.edu4. When Is IdentityFile Needed?
1) Usually Not Required
SSH automatically tries the following keys in order:
~/.ssh/id_ed25519~/.ssh/id_rsa- Any keys already loaded into
ssh-agent
If your key is in one of these default locations, you typically do not need to specify IdentityFile.
2) When You Must Specify IdentityFile
- You have multiple keys and SSH might pick the wrong one
- Your key is not in a default path
- The server requires a specific key
Example:
Host spiedie.binghamton.edu HostName spiedie.binghamton.edu User xli49 IdentityFile ~/.ssh/id_ed255195. Preventing VS Code Remote-SSH Disconnections (KeepAlive)
Common causes of disconnection:
- The school network or firewall clears long-idle connections
- The remote session is considered idle when there is no output for an extended period
Solution: enable SSH heartbeat packets (KeepAlive):
ServerAliveInterval 30ServerAliveCountMax 120What this means:
- Send a heartbeat packet every 30 seconds
- Allow up to 120 consecutive non-responses (~1 hour) before disconnecting
6. Troubleshooting
1) Check Which Key SSH Is Using
ssh -v xli49@spiedie.binghamton.eduLook for lines like:
Offering public key: ...Authentication succeeded
2) Check the Default Shell on the Server
Run remotely to rule out misconfiguration:
echo $SHELLgetent passwd xli49 | cut -d: -f7which zshGenerate a key with
ssh-keygen -t ed25519, copy it to the server once with ssh-copy-id, add ServerAliveInterval 30 to ~/.ssh/config, and you'll never type a password or suffer a dropped VS Code connection again.