Monday, February 23, 2009

Step by Step using SSH auth without password

SSH ver 2

You need two machines; name them CM (Client Machine) and SM (Server Machine) respectively.
Client and Server

Step 1

Log in to the Linux client machine 'CM' via SSH to run the command below, and press "ENTER".

Step 2


Generate Key Pair


[root@CM ~]# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
57:c6:8a:a4:a2:c8:b7:39:9c:14:3c:3a:70:07:5a:9e root@CM

The above command was executed as the "root" user; the same can be done as a regular system user as well. The command saves a public/private key pair in the .ssh directory located in the user's HOME directory. In the above case the command was executed as "root", so it saves the key pair in "/root/.ssh/".

After this, you need to append the public key of client machine 'CM', stored in id_dsa.pub, to the /root/.ssh/authorized_keys file on the Linux server 'SM'. To achieve that, run the following command from the Linux client 'CM'. At the password prompt, enter the password of the user (in this case "root") on the Linux server 'SM':


Step 3

Copy Public Key to Server

[root@CM ~]# scp /root/.ssh/id_dsa.pub root@IP_ADDRESS_OF_SERVER:/tmp
root@IP_ADDRESS_OF_SERVER's password:
id_dsa.pub 100% 606 0.6KB/s 00:00

Now log in to the server machine 'SM' and execute the command below to append the public key file of client machine 'CM' to the authorized_keys file.

Append Public Key to authorized_keys on the server

[root@SERVER_HOSTNAME ~]# cat /tmp/id_dsa.pub >> /root/.ssh/authorized_keys

Everything has been set up now. To test, run the command below from client machine 'CM' to verify that you are able to log in to the remote Linux server 'SM' without entering a password.


Login to Server

[root@CM ~]# ssh IP_ADDRESS_OF_SERVER
Last login: Wed Jan 1 08:02:15 2009 from IP_ADDRESS
[root@SERVER_HOSTNAME ~]#

Now you can also copy files from server to client and vice versa using "scp" without being prompted for a password.
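
The server-side append from Step 3, as an added example that is not part of the original post: a hypothetical install_pubkey helper that accepts only a single well-formed public key line, creates .ssh and authorized_keys with owner-only permissions, and skips a key that is already present. The key line used in the demo is constructed and non-functional.

```shell
#!/bin/sh
# Added example, not from the original post. install_pubkey PUBFILE SSH_DIR
# is a hypothetical helper; returns 0 = appended, 1 = rejected, 2 = present.
install_pubkey() {
    pub=$1
    ssh_dir=$2
    auth="$ssh_dir/authorized_keys"

    # The post stages the key in world-writable /tmp: accept only a regular
    # file, not a symlink.
    [ -f "$pub" ] && [ ! -L "$pub" ] || return 1

    # Exactly one line, so a private key or a multi-key file is rejected.
    [ "$(grep -c '' "$pub")" -eq 1 ] || return 1

    # Structural check: "<type> <base64> [comment]". ssh-dss is what the post
    # generates; newer OpenSSH releases refuse DSA keys by default, so the
    # pattern also admits the other standard types.
    grep -Eq '^(ssh-(dss|rsa|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$' "$pub" || return 1

    # sshd (StrictModes) ignores authorized_keys when the directory or the
    # file is writable by anyone but the owner.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Match on type + key blob so a different comment is still a duplicate.
    key=$(cut -d' ' -f1,2 "$pub")
    if grep -qF -- "$key" "$auth"; then
        return 2
    fi
    cat "$pub" >> "$auth"
}

# Demo in a scratch directory with a constructed, non-functional key line.
demo=$(mktemp -d)
printf 'ssh-dss AAAAB3NzaC1kc3MAAACBAEXAMPLEONLY= root@CM\n' > "$demo/id_dsa.pub"
for run in first second; do
    rc=0
    install_pubkey "$demo/id_dsa.pub" "$demo/.ssh" || rc=$?
    echo "$run run: exit $rc"
done
rm -rf "$demo"
```

For a real key, `ssh-keygen -l -f FILE` on the server is a stronger validity check than the pattern match, and it prints the fingerprint to compare against the one shown on 'CM'.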

Benefit

Automated server backups using scripts
No need to remember passwords for multiple servers
