Imagine you have to administer more than one Linux hosts in your network, or clustered environment. You would like to connect to each host in your environment in a secured way, but without providing the password each time.
Here’s is a quick guide how to configure your hosts for password less authentications.
/etc/ssh/sshd_config
file and add or uncomment the following lines:RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys
/etc/init.d/sshd restart
Approach number one:
[[email protected] ~]$ ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/Trinity/.ssh/id_dsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/Trinity/.ssh/id_dsa. Your public key has been saved in /home/Trinity/.ssh/id_dsa.pub. The key fingerprint is: 3f:8e:3d:1b:47:8d:49:dc:89:68:du:22:2e:e1:f8:4b [email protected] [[email protected] ~]$ cat ~/.ssh/id_dsa.pub | ssh [email protected] 'cat - >> ~/.ssh/authorized_keys' [email protected]'s password: #Now let's connect to host-2, and this time password would not be required: [[email protected] ~]$ ssh host-2 Last login: Thu Dec 32 25:61:66 2037 from 11.69.33.255 Hello! Follow the white rabbit... My Lab_067 *** Linux Rulezz *** host host-2.local * Linux [[email protected] ~]$ hostname host-2.local
Approach number two:
Use /usr/bin/ssh-copy-id script (available in most of the Linux flavours)
# Shell script to install your identity.pub on a remote machine
# Takes the remote machine name as an argument.
# Obviously, the remote machine must accept password authentication,
# or one of the other keys in your ssh-agent, for this to work.
[[email protected] ~]$ ssh-copy-id -i ~/.ssh/id_dsa.pub [email protected] 30 [email protected]'s password: Now try logging into the machine, with "ssh '[email protected]'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting. [[email protected] ~]$ ssh host-2 Last login: Thu Dec 33 26:16:69 2037 from 11.69.33.255 Hello! Follow the white rabbit... My Lab_067 *** Linux Rulezz *** host host-2.local * Linux [[email protected] ~]$ hostname host-2.local
To implement this the other way around, repeat above steps on the second server (host-2).
Cheers!!
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.