Thursday, January 27, 2011

SSH without entering a password

Step 1 of 2 : On local machine: Generate Authentication Keys



$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/luan/.ssh/id_rsa):
Accept the default choice. Hit enter.

Enter passphrase (empty for no passphrase):
Enter same passphrase again:
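Hit enter twice. A passphrase encrypts your private key so that no one who gets hold of the file can use it. However, you should NOT encrypt your private key if you want a password-less login. With no passphrase, the id_rsa file alone is enough to log in as you, so keep it readable only by you.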

The key fingerprint is:
5e:26:52:34:a1:22:18:68:11:11:7d:8d:c6:d5:4b:bf luan@luan.com
What just happened?

On your local machine you just created 2 files in your ~/.ssh directory.

cd ~/.ssh
ls -l
-rw------- 1 luan luan 1675 2011-01-27 17:27 id_rsa
-rw-r--r-- 1 luan luan 411 2011-01-27 17:27 id_rsa.pub
id_rsa contains your private key. id_rsa.pub contains your public key.

Step 2 of 2 : On remote machine: Authorize password-less login

Log in to the remote machine

$ ssh hostname -l username
The authenticity of host 'luan.com (XXX.XXX.XXX.XX)' can't be established.
RSA key fingerprint is 44.2b:93:ce:1b:1b:99:3a:6d:91:d1:50:aa:0d:87:40.
Are you sure you want to continue connecting (yes/no)?
Type yes and hit enter.

Warning: Permanently added 'luan.com,XXX.XXX.XXX.XX' (RSA) to the list of known hosts.
username@luan.com's password:
Enter your password, and hit enter.
Create a .ssh directory on the remote machine and create an authorized_keys file in that directory. You need to copy the entire contents of your local machine's id_rsa.pub and paste it into the authorized_keys file on the remote server.

$ mkdir -p .ssh
$ chmod 700 .ssh
$ cd .ssh
$ touch authorized_keys
$ chmod 600 authorized_keys
$ vi authorized_keys

# copy and paste the entire contents of your local machine's ~/.ssh/id_rsa.pub file into authorized_keys
# logout
exit
Important: Make sure you have the right permissions on the .ssh directory and the authorized_keys file, as shown in the chmod commands above; otherwise SSH will not honor your authorized_keys.

You should now be able to log in to the remote server without typing your password.

# type this command from your local machine
$ ssh hostname -l username
SSH should log you in without a password! Now you can also scp or rsync (over ssh) without having to enter your password.
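
Step 2 can also be done without pasting into an editor. The shell functions below are an added example, not part of the original post: install_pubkey and check_ssh_perms are hypothetical helper names, and the key line in the demo is constructed, not a real key.

```shell
#!/bin/sh
# Added example; install_pubkey and check_ssh_perms are hypothetical names.

# install_pubkey PUBKEY_FILE HOME_DIR
# Does Step 2 without an editor: creates HOME_DIR/.ssh (700) and
# authorized_keys (600), then appends the key if it is not already there.
# The body is a subshell, so umask and exit do not affect the caller.
install_pubkey() (
    pub=$1
    dir=$2/.ssh
    auth=$dir/authorized_keys
    # Refuse a private key (id_rsa must never leave the local machine)
    # and anything that does not look like "type base64 [comment]".
    if grep -q 'PRIVATE KEY' "$pub" ||
       ! grep -Eq '^(ssh|ecdsa|sk)-[^ ]+ [A-Za-z0-9+/=]+' "$pub"; then
        echo "not a public key: $pub" >&2
        exit 1
    fi
    umask 077
    mkdir -p "$dir" && chmod 700 "$dir" || exit 1
    touch "$auth" && chmod 600 "$auth" || exit 1
    # -x whole line, -F literal, -f patterns from file: skip duplicates.
    grep -qxFf "$pub" "$auth" || cat "$pub" >> "$auth"
)

# check_ssh_perms HOME_DIR
# Succeeds only if the modes match the chmod 700 / chmod 600 of Step 2.
check_ssh_perms() {
    rc=0
    mode=$(ls -ld "$1/.ssh" 2>/dev/null | cut -c1-10)
    [ "$mode" = "drwx------" ] ||
        { echo "$1/.ssh: '$mode', want drwx------" >&2; rc=1; }
    mode=$(ls -l "$1/.ssh/authorized_keys" 2>/dev/null | cut -c1-10)
    [ "$mode" = "-rw-------" ] ||
        { echo "$1/.ssh/authorized_keys: '$mode', want -rw-------" >&2; rc=1; }
    return $rc
}

# Demo on a scratch directory with a constructed (not real) key line.
demo=$(mktemp -d)
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCONSTRUCTED luan@luan.com' > "$demo/id_rsa.pub"
install_pubkey "$demo/id_rsa.pub" "$demo/home" && check_ssh_perms "$demo/home"
echo "authorized keys: $(wc -l < "$demo/home/.ssh/authorized_keys")"
rm -rf "$demo"
```

On the remote machine, the call would be install_pubkey id_rsa.pub "$HOME" once id_rsa.pub has been copied there; running it twice leaves a single entry in authorized_keys.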
