Skip to main content

connecting to SSH server passwordless

If you have to connect to an SSH server frequently or you want to make a shell script using ssh, you might want to consider connecting to it passwordless. This trick is now new. I have heard about this long time ago but didn't have any necessity for it so I ignored it until recently.

by the time of this writing, I have just completed my script for backup using SSH passwordless. Here I want to share the way I did it in a simple way. I hope it benefits others. Bear in mind that, all ssh utilities like sftp, scp and ssh can use passwordless connection once we complete setup one.

Step 1
  • Connect to SSH server and open up sshd_config in /etc/ssh or equivalent. Check your distro documentation.
  • Make sure you have the following entries:
    # Allow Identity Auth for SSH1?
    RSAAuthentication yes

    # Allow Identity Auth for SSH2?
    PubkeyAuthentication yes

    # Authorized Keys File
    AuthorizedKeysFile ~/.ssh/authorized_keys
Step 2
  • Make RSA keys using ssh-keygen in your home directory of ssh client.
    $ cd ~  
    $ mkdir identity-test
    $ cd identity-test
    $ ssh-keygen -f id_rsa -t rsa
    Generating public/private rsa key pair.
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:

    Your identification has been saved in id_rsa.
    Your public key has been saved in
    The key fingerprint is:
    c3:af:e9:6c:2f:19:4d:b5:1a:a9:40:06:54:e6:60:08 me@localhost
  • look at the created files
    $ ls

    The contains the public key and id_rsa contains private key.
  • copy the content of to ~/.ssh/authorized_keys
    Two ways to achieve this
    1. login to ssh server and paste the content into the file
    2. using scp to copy the content into the file
  • So, let's test logging in with this key. Since we have put the test key in a non-standard place, we will need to reference it explicitly on the command line:
    $ ssh username@server -i ~/identity_test/id_rsa
    $username@server$ hostname
    $username@server$ exit

    $ ssh username@server -i $HOME/identity_test/id_rsa "echo Success!"
  • In the above examples, if you can login without password then the setup is a success. If not, please recheck the setup.
Have fun ssh'ing :)


Popular posts from this blog

mplayer-gui error : Error in skin config file

After installing mplayer-gui package, I can't start it.

$ gmplayer MPlayer 1.1-4.8 (C) 2000-2012 MPlayer Team mplayer: could not connect to socket mplayer: No such file or directory Failed to open LIRC support. You will not be able to use your remote control. Error in skin config file on line 6: PNG read error in /usr/share/mplayer/skins/default/main Config file processing error with skin 'default'
After googling a bit, I found out that it was due to the png files in dir /usr/share/mplayer/skins/default. This is the default skin directory. To fix this error, I have to install ImageMagick package because I want to use the convert program to convert all of the png files to format png24. Thus, cd /usr/share/mplayer/skins/default; for FILE in *.png ; do sudo convert $FILE -define png:format=png24 $FILE ; done
Rerun gmplayer and all should be fine.
Have fun!
UPDATE (02-10-2017)

It doesn't work on Ubuntu 16.04 (xenial) but there's a workaround here.

You can update your syst…

Transparent proxy with squid 2.6

I have upgraded my squid from 2.5 STABLE13 to 2.6 STABLE18. Transparent proxy is setup differently in this version. You need this directives in squid.conf (usually in /etc or /usr/local/etc or /usr/local/squid/etc, check with your distro).

acl our_networks src
http_access allow our_networks
http_port transparent
always_direct allow all

where is your proxy server IP address.

If you have flushed your iptables, create new rule:

iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 80 -j REDIRECT –to-port 3128

where 3128 is the port where squid is running.

postfix - mailbox size limit and message size limit

postfix is my MTA of choice. I use it for my mailserver because its simplicity , security and sendmail-compatible (the widely used smtp in the world but not as secure). It is also extensible by plugging other servers for various purposes (antispam, antivirus,database etc).

I had one problem with file attachment larger than 10MB. Users couldn't send it although I have setup squirrelmail (SM) to be able to attach files summed up more than 20MB and I had modified php settings as per here. The problem was not in SM setting. It was postfix. By default, attachment size that can be sent by postfix is 10MB ~ 10240000 byte. How did I know it? I looked in log file (for my system it is in /var/log/mail/errors. For other system, the file to look is /var/log/maillog). The line looked like this:

Feb 26 16:30:53 webmail postfix/sendmail[30775]: fatal: Message file too big

Open /etc/postfix/ with a text editor of choice and find message_size_limit directive an…