Thursday, November 2, 2006

connecting to SSH server passwordless

If you have to connect to an SSH server frequently or you want to make a shell script using ssh, you might want to consider connecting to it passwordless. This trick is now new. I have heard about this long time ago but didn't have any necessity for it so I ignored it until recently.

by the time of this writing, I have just completed my script for backup using SSH passwordless. Here I want to share the way I did it in a simple way. I hope it benefits others. Bear in mind that, all ssh utilities like sftp, scp and ssh can use passwordless connection once we complete setup one.

Step 1
  • Connect to SSH server and open up sshd_config in /etc/ssh or equivalent. Check your distro documentation.
  • Make sure you have the following entries:
    # Allow Identity Auth for SSH1?
    RSAAuthentication yes

    # Allow Identity Auth for SSH2?
    PubkeyAuthentication yes

    # Authorized Keys File
    AuthorizedKeysFile ~/.ssh/authorized_keys
Step 2
  • Make RSA keys using ssh-keygen in your home directory of ssh client.
    $ cd ~  
    $ mkdir identity-test
    $ cd identity-test
    $ ssh-keygen -f id_rsa -t rsa
    Generating public/private rsa key pair.
    Enter passphrase (empty for no passphrase): 
    Enter same passphrase again: 

    Your identification has been saved in id_rsa.
    Your public key has been saved in id_rsa.pub.
    The key fingerprint is:
    c3:af:e9:6c:2f:19:4d:b5:1a:a9:40:06:54:e6:60:08 me@localhost
  • look at the created files
    $ ls
    id_rsa     id_rsa.pub

    The id_rsa.pub contains the public key and id_rsa contains private key.
  • copy the content of id_rsa.pub to ~/.ssh/authorized_keys
    Two ways to achieve this
    1. login to ssh server and paste the content into the file
    2. using scp to copy the content into the file
  • So, let's test logging in with this key. Since we have put the test key in a non-standard place, we will need to reference it explicitly on the command line:
    $ ssh username@server -i ~/identity_test/id_rsa
    $username@server$ hostname
    $server
    $username@server$ exit

    $ ssh username@server -i $HOME/identity_test/id_rsa "echo Success!"
    Success!
    $
  • In the above examples, if you can login without password then the setup is a success. If not, please recheck the setup.
Have fun ssh'ing :)
at
Labels: ,
Subscribe to: Post Comments (Atom)

Nvidia new hotplug feature on Linux

 If you use nvidia driver for your GPU, you probably wonder why in some config, you can't hotplug your second monitor. You need to reboo...