Generate a passphrase-protected private and public key pair for the server:
root@priovtb-sftp:~# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
/root/.ssh/id_dsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
fe:61:e8:3e:0e:56:b5:13:c1:c7:f0:fe:fd:78:21:fa root@priovtb-sftp
The key's randomart image is:
+--[ DSA 1024]----+
| .oo |
| .oo |
| o.. |
| . + |
| S o . |
| o . . o o |
| o o o . o o|
| . o.o o .o|
| o+.. .E...|
+-----------------+
Start ssh-agent:
root@priovtb-sftp:~# exec ssh-agent /bin/bash
Check which keys ssh-agent is currently holding:
root@priovtb-sftp:~# ssh-add -l
The agent has no identities.
No keys yet.
Add the private key:
root@priovtb-sftp:~# ssh-add ~/.ssh/id_dsa
Enter passphrase for /root/.ssh/id_dsa:
Identity added: /root/.ssh/id_dsa (/root/.ssh/id_dsa)
Try connecting to the host. The host asks for a password because it does not have our key yet.
root@priovtb-sftp:~# ssh 10.50.10.75
root@10.50.10.75's password: ^C
Upload our public key to the host. During the upload, the host will ask for the user's password on that host:
root@priovtb-sftp:~# scp /root/.ssh/id_dsa.pub 10.50.10.75:~/.ssh/authorized_keys
root@10.50.10.75's password:
id_dsa.pub 100% 607 0.6KB/s 00:00
The key is on the host. Try connecting over SSH:
root@priovtb-sftp:~# ssh 10.50.10.75
Linux lina 2.6.32-5-686 #1 SMP Mon Mar 26 05:20:33 UTC 2012 i686
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu Mar 29 15:25:00 2012 from 10.50.10.39
root@malina:~# exit
logout
Connection to 10.50.10.75 closed.
root@priovtb-sftp:~#
Excellent. Authentication succeeded without a password prompt, even though the key itself is passphrase-protected. 🙂
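The scp step above writes id_dsa.pub over ~/.ssh/authorized_keys, which replaces any keys already authorized on the host. The following is an added example, not part of the original post: a shell function, meant to run on the target host, that appends the key only if it is missing and sets the permissions sshd expects. The function name install_pubkey and its arguments are assumptions made for this example.

```shell
#!/bin/sh
# Added example: append a public key to authorized_keys without
# overwriting keys that are already installed there.
# Usage: install_pubkey PUBKEY_FILE [SSH_DIR]
#   PUBKEY_FILE  one-line OpenSSH public key file (e.g. id_dsa.pub)
#   SSH_DIR      target directory; "$HOME/.ssh" by default (assumption)
install_pubkey() {
    pubkey_file=$1
    ssh_dir=${2:-"$HOME/.ssh"}
    auth_file=$ssh_dir/authorized_keys

    [ -r "$pubkey_file" ] || { echo "cannot read $pubkey_file" >&2; return 1; }

    # A public key file holds one line; take the first non-empty one.
    key_line=$(grep -v '^[[:space:]]*$' "$pubkey_file" | head -n 1)
    [ -n "$key_line" ] || { echo "empty key file" >&2; return 1; }

    # Refuse anything that does not look like "<type> <base64> [comment]".
    case $key_line in
        ssh-*\ *|ecdsa-*\ *|sk-*\ *) ;;
        *) echo "not an OpenSSH public key" >&2; return 1 ;;
    esac

    # With StrictModes, sshd ignores the file if these modes are too open.
    ( umask 077; mkdir -p "$ssh_dir" ) && chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1

    # Idempotent: do nothing if this exact key line is already present.
    if grep -qxF -- "$key_line" "$auth_file"; then
        return 0
    fi

    # Make sure the existing file ends with a newline before appending.
    if [ -s "$auth_file" ] && [ -n "$(tail -c 1 "$auth_file")" ]; then
        printf '\n' >> "$auth_file"
    fi
    printf '%s\n' "$key_line" >> "$auth_file"
}
```

OpenSSH also ships ssh-copy-id, which performs the same append from the client side in one step.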