208.319.9835Password-less SSH Login
I manage several linux server to which I must login on a daily basis using SSH. Each server has different credentials.
Not only do I use SSH, but I often use SCP (secure copy) to copy files from one server to another. Both commands require a password.
There is a way, however, to create a unique key pair so that you can login to a remote server without having to enter a password.
SSH Without a Password
The steps are simple and straightforward.
1. On the client run the following commands:
$ mkdir -p $HOME/.ssh $ chmod 0700 $HOME/.ssh $ ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P '' $
NOTE: Those are a pair of single quotes after the -P, which will set an empty password.
This will create two keys, a private key and a public key, the .ssh folder.
2. Copy $HOME/.ssh/id_dsa.pub to the remote server.
3. Log in to the remote server and run the following commands:
$ cat id_dsa.pub >> .ssh/authorized_keys $ chmod 0600 .ssh/authorized_keys $
That’s it! You can log out of the remote server then log in using SSH and will not be prompted for a password.
scott@blackjack:~$ ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P '' Generating public/private dsa key pair. Your identification has been saved in /home/scott/.ssh/id_dsa. Your public key has been saved in /home/scott/.ssh/id_dsa.pub. The key fingerprint is: a5:3c:b6:e9:13:85:62:34:ee:6f:56:47:46:6f:dd:8b scott@blackjack The key's randomart image is: +--[ DSA 1024]----+ | | | o . | | o . ... . ..| | +..o. o o o| | o .S. o .. .| | ...+. .E . | | .oo . | | .= | | o.. | +-----------------+ scott@blackjack:~$ cd .ssh scott@blackjack:~/.ssh$ ll total 24 drwx------ 2 scott scott 4096 2010-08-17 09:01 ./ drwxr-xr-x 55 scott scott 4096 2010-08-17 08:58 ../ -rw------- 1 scott scott 668 2010-08-17 09:01 id_dsa -rw-r--r-- 1 scott scott 605 2010-08-17 09:01 id_dsa.pub -rw-r--r-- 1 scott scott 4714 2010-06-25 14:55 known_hosts scott@blackjack:~/.ssh$ scp id_dsa.pub sstanger@midnight:/home/sstanger/ sstanger@midnight's password: id_dsa.pub 100% 605 0.6KB/s 00:00 scott@blackjack:~/.ssh$ ssh sstanger@midnight sstanger@midnight's password: [sstanger@midnight ~]$ cat id_dsa.pub >> .ssh/authorized_keys [sstanger@midnight ~]$ chmod 0600 .ssh/authorized_keys [sstanger@midnight ~]$ exit Connection to midnight closed. scott@blackjack:~/.ssh$ cd scott@blackjack:~$ scott@blackjack:~$ ssh sstanger@midnight [sstanger@midnight ~]$
NOTE: On some systems the ssh policies may not allow this. If this is the case then you can make this change on the remote host:
[sstanger@midnight ~]$ mv .ssh/authorized_keys .ssh/authorized_keys2 [sstanger@midnight ~]$ chmod 700 .ssh [sstanger@midnight ~]$ chmod 640 .ssh/authorized_keys2 [sstanger@midnight ~]$
- Posted by
Scott Stanger - Posted in linux
Aug, 17, 2010
No Comments.
Partners
Search High Corral
Categories
- linux (6)
- ubuntu (2)
- ubuntu 12.04 LTS (1)
- useful stuff (2)