Suppose you find it more convenient and hassle-free to ssh into your server box without being asked for a password. Below is a step-by-step rollout of a passwordless ssh connection.
We need 2 linux boxes here, referred to as the remote box and the local box. Our objective is to have a passwordless ssh connection from your local box into your remote box.
Let us start from the local box.
First, we need to generate a 1024-bit rsa key. We are going to use rsa key pairs here instead of dsa ones. We won't be using dsa unless rsa is not working. Note that current guidance calls for RSA keys of at least 2048 bits, so 1024 bits is weaker than what is recommended today. Simply issue this command as root:
# ssh-keygen -t rsa -b 1024
By default, the output files of this command are
/root/.ssh/id_rsa
/root/.ssh/id_rsa.pub
If these files already exist, you will be asked interactively whether to overwrite them. Additionally, we are not going to enter any passphrase for now, which means hitting the enter key 2 times when asked; things still work without the passphrase. Keep in mind that without a passphrase, anyone who can read /root/.ssh/id_rsa can log in to the remote box as you.
Below is a sample CLI screen that you'll see during the creation of the 1024-bit rsa key pair.
[root@ver .ssh]# ssh-keygen -t rsa -b 1024
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
0c:33:54:c4:47:4f:35:db:31:57:63:5b:a4:77:f2:43 root@yourdomain.com
I have not entered any passphrase, as you can see.
Now, still from the local box, open an ssh connection to your remote box. By default, this ssh session drops you into your home directory, normally /home/yourusername. From there, NOT as root, create the .ssh folder like so:
[yourusername@yourhost ~]$ mkdir .ssh
After that, type exit to close the current ssh session with the remote box.
Back on your local box, let us transfer the rsa public key file /root/.ssh/id_rsa.pub into the .ssh folder we've just created on the remote box, like so:
AS ROOT FROM THE LOCAL BOX:
# cd /root/.ssh
# scp -C id_rsa.pub yourusername@yourremoteboxip:~yourusername/.ssh/authorized_keys
This transfers the file /root/.ssh/id_rsa.pub to the remote box over ssh and saves it as authorized_keys inside the .ssh folder under your home folder, owned by your own user account. Note that this replaces any authorized_keys file already present there.
The easiest way to do it is by using ssh-copy-id, which appends the key to authorized_keys instead of replacing the file:
# ssh-copy-id -i /root/.ssh/id_rsa.pub your-username@yourdomainname.com
AS YOUR NORMAL USER ACCOUNT ON THE REMOTE BOX, DO:
$ cd ~yourusername/.ssh
$ chmod 600 authorized_keys
$ chown yourusername:yourusername authorized_keys
Finally, close all your ssh connections and now try a passwordless ssh to your remote box.
...works like magic!
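The remote-side steps above (create .ssh, install the public key, fix its mode) can be done so that existing keys are kept and the permissions sshd checks are verified. The script below is an added example, not part of the original post; install_pubkey and audit_ssh_dir are hypothetical helper names, the key line is constructed, and GNU stat is assumed.

```bash
# install_pubkey and audit_ssh_dir are hypothetical helper names (added example).
# Assumes GNU stat (stat -c), as found on typical Linux boxes.

install_pubkey() {   # usage: install_pubkey <pubkey-file> <home-dir>
    local pub="$1" dir="$2/.ssh" auth key
    auth="$dir/authorized_keys"
    key=$(cat "$pub") || return 1
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # Append only if this exact key line is not already present,
    # so keys that are already authorized are never overwritten.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

audit_ssh_dir() {    # usage: audit_ssh_dir <home-dir>; prints the problem count
    local dir="$1/.ssh" problems=0 mode p
    for p in "$dir" "$dir/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "missing: $p" >&2
            problems=$((problems + 1))
            continue
        fi
        mode=$(stat -c '%a' "$p")
        # sshd with StrictModes (the default) rejects paths that are
        # writable by group or others, i.e. any bit of octal 022 set.
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "group/world-writable (mode $mode): $p" >&2
            problems=$((problems + 1))
        fi
    done
    echo "$problems"
}

# Demo in a throwaway directory with a constructed (not real) public key line.
demo_home=$(mktemp -d)
echo "ssh-rsa AAAAB3CONSTRUCTEDKEY root@local-box" > "$demo_home/id_rsa.pub"
install_pubkey "$demo_home/id_rsa.pub" "$demo_home"
install_pubkey "$demo_home/id_rsa.pub" "$demo_home"   # second run adds nothing
echo "entries: $(wc -l < "$demo_home/.ssh/authorized_keys")," \
     "problems: $(audit_ssh_dir "$demo_home")"
rm -rf "$demo_home"
```

If passwordless login still prompts for a password after following the steps, a non-zero problem count from audit_ssh_dir on the remote home folder is the first thing to check.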
Monday, July 9, 2007
passwordless ssh howto