I’ll set this up once or twice each year. And every time something will go wrong and I’ll have to read the instructions from several sources again and again. I just did all that again. So, I’m going to write down the steps for future reference:
1. user@client$ ssh-keygen -t rsa # use empty passphrase
2. user@client$ cat .ssh/id_rsa.pub | ssh user@server 'cat >> .ssh/authorized_keys' # .ssh directory must exist in server.
3. user@server$ chmod 600 $HOME/.ssh/authorized_keys
4. user@server$ chmod 700 $HOME/.ssh
5. user@server$ chmod 755 $HOME # Make sure the home directory is not group/other writable.
Now, user can login to server from client without password.