Monday 28 November 2011
ssh without password
Optional
Advanced
Security implications, not recommended for everyone.
Prerequisit: Install cygwin on a Windows machine.
On the Windows machine, generate RSA (key-pair) public key and private key:
Double click on the cygwin icon , a black screen pops up,
ssh-keygen -t rsa
Enter file in which to save the key (/home/username/.ssh/id_rsa): just hit Enter
Enter passphrase (empty for no passphrase): just hit Enter
Here is a diagram of some of the possible topologies of your internal network.
Copy your public key to a Linux machine with sshd running
scp .ssh/id_rsa.pub username@remotehost:~
(remotehost can be a host name or an ip address) (substitute username with the actual user logon)
ssh username@remotehost
mkdir .ssh
If the file ~/.ssh/authorized_keys exists, you probably don't want to destroy that file, do:
cat id_rsa.pub >> .ssh/authorized_keys
If the file ~/.ssh/authorized_keys does not exist, do:
mv id_rsa.pub .ssh/authorized_keys
Copy your public key to a LRP box with sshd running
If the remotebox has the file /root/.ssh/authorized_keys in existence, you probably don't want
to destroy it. In that case, do: (remotebox can be a host name or an ip address)
scp .ssh/id_rsa.pub root@remotebox:/root/.ssh/newkey
ssh root@remotebox
cd /root/.ssh
cat newkey >> authorized_keys (this appends the newkey to the authorized_keys)
(If you like, make the keys permanent by typing lrcfg and backup root )
If the remotebox does not have file /root/.ssh/authorized_keys in existence:
(also make sure that on the LRP box, /root/.ssh directory exists, if not, create one by doing this)
ssh root@remotebox
cd /root
mkdir .ssh
now copy the RSA public key to the LRP box:
scp .ssh/id_rsa.pub root@remotebox:/root/.ssh/authorized_keys
Test the RSA key-authentication scheme, from the Windows machine:
ssh username@remotehost (to a Linux machine) or
ssh root@remotehost (to a LRP box)
(remotehost can be a host name, or an ip address)
You should be able to login to the remote without typing password.
pwd
shows you that you are in /home/username (Linux box) or in /root (LRP box)
If above is not successful, check sshd configuration:
vi /etc/ssh/sshd_config (on the Linux box)
RSAAuthentication yes
PubkeyAuthentication yes
or
ae /etc/ssh/sshd_config (on the LRP box)
RSAAuthentication yes
PubkeyAuthentication yes
Disclaimer
© 2002-2004 Nicholas Fong
Last revision date: September 13, 2004
Subscribe to:
Posts (Atom)