Skip to main content

connecting to SSH server passwordless

If you have to connect to an SSH server frequently or you want to make a shell script using ssh, you might want to consider connecting to it passwordless. This trick is now new. I have heard about this long time ago but didn't have any necessity for it so I ignored it until recently.

by the time of this writing, I have just completed my script for backup using SSH passwordless. Here I want to share the way I did it in a simple way. I hope it benefits others. Bear in mind that, all ssh utilities like sftp, scp and ssh can use passwordless connection once we complete setup one.

Step 1
  • Connect to SSH server and open up sshd_config in /etc/ssh or equivalent. Check your distro documentation.
  • Make sure you have the following entries:
    # Allow Identity Auth for SSH1?
    RSAAuthentication yes

    # Allow Identity Auth for SSH2?
    PubkeyAuthentication yes

    # Authorized Keys File
    AuthorizedKeysFile ~/.ssh/authorized_keys
Step 2
  • Make RSA keys using ssh-keygen in your home directory of ssh client.
    $ cd ~  
    $ mkdir identity-test
    $ cd identity-test
    $ ssh-keygen -f id_rsa -t rsa
    Generating public/private rsa key pair.
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:

    Your identification has been saved in id_rsa.
    Your public key has been saved in id_rsa.pub.
    The key fingerprint is:
    c3:af:e9:6c:2f:19:4d:b5:1a:a9:40:06:54:e6:60:08 me@localhost
  • look at the created files
    $ ls
    id_rsa id_rsa.pub

    The id_rsa.pub contains the public key and id_rsa contains private key.
  • copy the content of id_rsa.pub to ~/.ssh/authorized_keys
    Two ways to achieve this
    1. login to ssh server and paste the content into the file
    2. using scp to copy the content into the file
  • So, let's test logging in with this key. Since we have put the test key in a non-standard place, we will need to reference it explicitly on the command line:
    $ ssh username@server -i ~/identity_test/id_rsa
    $username@server$ hostname
    $server
    $username@server$ exit

    $ ssh username@server -i $HOME/identity_test/id_rsa "echo Success!"
    Success!
    $
  • In the above examples, if you can login without password then the setup is a success. If not, please recheck the setup.
Have fun ssh'ing :)

Comments

Popular posts from this blog

mplayer-gui error : Error in skin config file

After installing mplayer-gui package, I can't start it.

$ gmplayer MPlayer 1.1-4.8 (C) 2000-2012 MPlayer Team mplayer: could not connect to socket mplayer: No such file or directory Failed to open LIRC support. You will not be able to use your remote control. Error in skin config file on line 6: PNG read error in /usr/share/mplayer/skins/default/main Config file processing error with skin 'default'
After googling a bit, I found out that it was due to the png files in dir /usr/share/mplayer/skins/default. This is the default skin directory. To fix this error, I have to install ImageMagick package because I want to use the convert program to convert all of the png files to format png24. Thus, cd /usr/share/mplayer/skins/default; for FILE in *.png ; do sudo convert $FILE -define png:format=png24 $FILE ; done
Rerun gmplayer and all should be fine.
Have fun!
UPDATE (02-10-2017)

It doesn't work on Ubuntu 16.04 (xenial) but there's a workaround here.

You can update your syst…

Moving your mysql database to another hard disk

Recently, my server's only hard disk was almost full. I bought a new hard disk with bigger size and I decided to just add it as a second hard disk. Since I need to move it to the 2nd hard disk, I need to find a proper way to move the db with minimum downtime. So I googled around and found a solution.
First, I needed to format the 2nd hard disk and I chose xfs as the filesystem. I created 2 partitions using Linux's fdisk for this task. First partition is 10 GB and 2nd one is around 900 GB. That's approximately added up to 1 TB. Then I mounted the 2nd partition in current partition eg /media/hd2 as follows:
mount -t xfs /dev/sdb5 /media/hd2
where /dev/sdb5 is the partition and /media/hd2 is the mounting dir.
Stop mysql db before doing anything:
service mysql stop
Afterthat, I copied the entire db to newly mounted hard disk:
cp -rv /var/lib/mysql /media/hd2
It will take a while if you have huge databases.
Then, change the ownership of the dir to user and group of mysql:
chown -R mysql:…

Transparent proxy with squid 2.6

I have upgraded my squid from 2.5 STABLE13 to 2.6 STABLE18. Transparent proxy is setup differently in this version. You need this directives in squid.conf (usually in /etc or /usr/local/etc or /usr/local/squid/etc, check with your distro).

acl our_networks src 192.168.2.0/24 127.0.0.1
http_access allow our_networks
http_port 192.168.2.1:3128 transparent
always_direct allow all

where 192.168.2.1 is your proxy server IP address.


If you have flushed your iptables, create new rule:

iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 80 -j REDIRECT –to-port 3128

where 3128 is the port where squid is running.
References:
http://www.deckle.co.za/squid-users-guide/Transparent_Caching/Proxy