Hi guys, did you want to use SSH without password?...
Here is a very simple trick to do this...
The answer is using private-key & public-key.
Theory is very simple, first generate pair key (Private&public
key ) then put the public key into the server machine, so when another
machine request login from ssh, it will compare the public key on server
machine with the private-key.
Here is the example.
You want to login from computer A as root and Computer B as root.
From computer A, you generate the pair-key ( public&private key ).
From computer A, you generate the pair-key ( public&private key ).
[root@A ~]# mkdir .ssh
[root@A ~]# ssh-keygen -t rsaGenerating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa):Enter passphrase (empty for no passphrase):Enter same passphrase again:Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:11:42:12:25:16:cc:e2:5e:32:d7:72:48:20:78:25:e2 root@A
note : Just hit enter to empty the passphrase.
[root@A ~]# cat .ssh/id_rsa.pub
Copy all the string into clipboard first.
On Machine B, create the directory .ssh , usually this folder is already exists
On Machine B, create the directory .ssh , usually this folder is already exists
[root@B ~]# mkdir .ssh
Check B authorized key file on the sshd config
[root@B ~]# cat /etc/ssh/sshd_config | less
You will find a line contains
AuthorizedKeysFile .ssh/authorized_keys
that means the authorized_keys is in the $HOME/.ssh/authorized_keys
Therefor you need to paste the clipboard string copied from public key machine A
And you are done. You may try to login ssh from machine A. Meanwhile keep your eyes on the log of machine B
[root@B ~]# tail -f /var/log/secure
Authentication refused: bad ownership or modes for directory /root
The common failure is about the permission, you need to change the /root , .ssh and authorized_keys into 700 on machine B.
Thanks
1 comments:
your previous tutorial is better thn this one
http://www.pctipsbyanu.co.cc/2010/06/password-less-ssh-login_1318.html
Post a Comment