This page outlines how you can use ssh keys to avoid typing your word many times.
The first step is to create an SSH v1 key via the command ssh-keygen -t rsa1. This will ask you for a password to protect you key with, please choose one as good as your normal unix password.
This command will create two files in your .ssh directory, identity and identity.pub. You should make sure you protect the identity file, it contains your virtual identity. The other file, as implied by its name, can be made public.
To allow yourself to log on to other machines using this key you copy the identity.pub to the remote machine and append it to the .ssh/authorized_keys file. You could do this with a command like cat .ssh/identity.pub | ssh <remoteHost> "cat >> .ssh/authorized_keys". If you are using the keys to log in to cern, you can use lxplus.cern.ch for THIS step, even though the cmt server is atlas-sw.cern.ch (which is the server you will need in your .ssh/config file).
Now you should be able to log on to the remote machine using your key and not using your unix password. You still need to type your key's password though every time (if you look at the prompt it should be clear which password it is asking you for). To avoid that you can use the ssh-agent program (more about that in a moment).
If you can't log on with your key's password instead of your unix password it could be that you are using Protocol 2 instead of 1 (which allows AFS token passing). To make sure you use version 1 you can add a line containing "Protocol 1,2" to the file .ssh/config, this says if possible use protocol 1, if that isn't possible, then use 2.
If that doesn't fix the problem then your authorized_keys file may not be readable by the ssh daemon. This can happen if your remote home directory is on AFS (as is the case at CERN and SLAC). For this to work you will need to move the authprized_keys file to a directory that is publically readable. At SLAC this is done for you when the account is setup. At CERN you need to do this by hand. You should have a "public" directory in your home directory there, so that can be used. Login to CERN and then do mkdir public/.ssh; mv .ssh/authorized_keys public/.ssh; ln -s ../public/.ssh/authorized_keys .ssh/authorized_keys.
If your window manager has not already started an ssh-agent for you (check with ps x | grep ssh-agent) start it with a command like eval `ssh-agent`. We run it as an argument to eval as this will set some environment variables in your current shell that are needed to talk to the ssh-agent. Now you can load your keys into the agent with the ssh-add command. It will prompt you for the password for your key(s). You can check they've been loaded correct by running ssh-add -l.
Now any ssh usage from that terminal (or any, if your window manager started ssh-agent for you) can connect without using a password.
For machines that do not allow X forwarding (like the ATLAS cvs server) you can add a section to the .ssh/config file on your local machine to avoid getting warning messages about that. For the ATLAS cvs server it would look like this;
Host = atlas-sw.cern.ch
ForwardX11 = no