RSS

Keyless SSH using ssh-keygen and ssh-copy-id

11 Oct

It is tedious to require to enter password for multiple Linux systems especially for maintainence purpose. To resolve this problem, make you access to remote systems without requiring password using SSH.

1. Create public and private keys using ssh-key-gen

pigeon@ubuntu:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/pigeon/.ssh/id_rsa):
Created directory ‘/home/pigeon/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/pigeon/.ssh/id_rsa.
Your public key has been saved in /home/pigeon/.ssh/id_rsa.pub.
The key fingerprint is:
44:db:db:fd:ad:70:4e:a6:88:79:6d:14:d8:01:40:52 pigeon@ubuntu
The key’s randomart image is:
+–[ RSA 2048]—-+
| .oE… |
| o o . |
| o .o . |
| . .oo. |
| S . … |
| . ..|
| o. + o|
| o..oB . |
| o…. o |
+—————–+

2. Copy the public key to remote systems using ssh-copy-id

pigeon@ubuntu:~$ ssh-copy-id -i /home/pigeon/.ssh/id_rsa.pub ubuntu2.com
pigeon@ubuntu2.com’s password:
Now try logging into the machine, with “ssh ‘ubuntu2.com'”, and check in:

.ssh/authorized_keys

to make sure we haven’t added extra keys that you weren’t expecting.

3. Login to remote system without password

pigeon@ubuntu:~$ssh ubuntu2.com
Last login: Tue Oct 11 14:33:23 2011 from 192.168.1.2
$ uname
Linux

Caution:
If you encountered problem to access remote system after ssh-trusted completed.
Sometimes, it might due to permission file and directory. For troubleshooting purpose, always check the log files for errors.

Always make sure $HOME/.ssh/authorized_keys is set to 600
$ chmod 600 $HOME/.ssh/authorized_keys

“StrictModes yes” under sshd_config

Require that users set the correct permissions on their key files and the directories that they are stored in. In order for keys to pass strict mode, they must not be writable by anyone but the owner. Suggest a chmod of 600 for the keyfile.

 
4 Comments

Posted by on October 11, 2011 in linux

 

Tags: , , , ,

4 responses to “Keyless SSH using ssh-keygen and ssh-copy-id

  1. mrqrcode

    October 11, 2011 at 12:01 pm

    Definitely this blog is very informative and neatly designed. Really you\’ve motivated me strongly in my new project by this article. As a constant reader of your blog I want to tell you that your writing skills are superb.

     
  2. linuxreference

    October 16, 2011 at 12:14 pm

    Thank you for your feedback, I will continually post quality articles. 🙂

     
  3. raj

    November 25, 2011 at 12:15 am

    Thanks linuxreference for the share

     
  4. rasna

    November 28, 2011 at 7:43 am

    Hi,
    Excellent post,
    I like the way of your writing,
    Thanks a lot for the information.

     

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

 
%d bloggers like this: