xxxxxxxxxxxxxxxxxxxxx SSH Login Without Password By- Shirish Shukla xxxxxxxxxxxxxxxxxxxxxxx
Example: ssh from shirish@client-1 to shukla@server-1 without password
Server-1: 192.168.8.10
Client-1: 192.168.8.20
#####ON Client-1: 192.168.8.20 : user shirish
### Login as shirish
# ssh-keygen -t dsa
----------------------------------------------->> Just press Enter don't type anything
Generating public/private dsa key pair.
Enter file in which to save the key (/home/shirish/.ssh/id_dsa): <--Enter
Created directory '/home/shirish/.ssh'.
Enter passphrase (empty for no passphrase): <--Enter
Enter same passphrase again: <--Enter
Your identification has been saved in /home/shirish/.ssh/id_dsa.
Your public key has been saved in /home/shirish/.ssh/id_dsa.pub.
The key fingerprint is:
d8:6c:cb:2a:e7:24:01:43:9f:96:4a:45:e6:93:9b:f4 shirish@my.scratch.com
# ssh-copy-id -i .ssh/id_dsa.pub shukla@192.168.8.10
The authenticity of host '192.168.8.10 (192.168.8.10)' can't be established.
RSA key fingerprint is e8:0b:8a:d3:1a:d1:ce:ec:d8:f9:13:31:79:c8:03:ed.
Are you sure you want to continue connecting (yes/no)? yes <--type yes
Warning: Permanently added '192.168.8.10' (RSA) to the list of known hosts.
Password: <-- type password of shukla on Server-1: 192.168.8.10
Now try logging into the machine, with "ssh 'shukla@192.168.8.10'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
#####ON Server-1: 192.168.8.10
### Login as shukla and confirm following
1> permission of /home/shukla/.ssh 700
$ ls -lrthd .ssh/
drwx------ 2 shukla shukla 4.0K Mar 12 13:51 .ssh/
2> permission of /home/shukla/.ssh/authorized_keys 600
$ ls -lrth .ssh/
-rw------- 1 shukla shukla 614 Mar 12 13:51 authorized_keys
########### Now login as shirish on Client-1:192.168.8.20
## ssh shukla@192.168.8.10
------------------------------------------------------>> It will not prompt for password
# Faced any problem Feedback in above contact me
#===============================Scratch=============================#
# AND Many More .....................Linux is Endless #
#=========================== Hope you Liked IT ========================#
# SSH-I -- BY Shirish Shukla #
# RHC Engineer 2010 #
# shirish.linux@gmail.com #
# shirishlinux.blogspot.com #
# "Give Respect To Time One Day At Right Time, Time Will Respect You" #
#=================================================================#
# TRy Hard theres nothing that are un-achievable by HARDdd-WORKkk #
#=================================================================#
Example: ssh from shirish@client-1 to shukla@server-1 without password
Server-1: 192.168.8.10
Client-1: 192.168.8.20
#####ON Client-1: 192.168.8.20 : user shirish
### Login as shirish
# ssh-keygen -t dsa
----------------------------------------------->> Just press Enter don't type anything
Generating public/private dsa key pair.
Enter file in which to save the key (/home/shirish/.ssh/id_dsa): <--Enter
Created directory '/home/shirish/.ssh'.
Enter passphrase (empty for no passphrase): <--Enter
Enter same passphrase again: <--Enter
Your identification has been saved in /home/shirish/.ssh/id_dsa.
Your public key has been saved in /home/shirish/.ssh/id_dsa.pub.
The key fingerprint is:
d8:6c:cb:2a:e7:24:01:43:9f:96:4a:45:e6:93:9b:f4 shirish@my.scratch.com
# ssh-copy-id -i .ssh/id_dsa.pub shukla@192.168.8.10
The authenticity of host '192.168.8.10 (192.168.8.10)' can't be established.
RSA key fingerprint is e8:0b:8a:d3:1a:d1:ce:ec:d8:f9:13:31:79:c8:03:ed.
Are you sure you want to continue connecting (yes/no)? yes <--type yes
Warning: Permanently added '192.168.8.10' (RSA) to the list of known hosts.
Password: <-- type password of shukla on Server-1: 192.168.8.10
Now try logging into the machine, with "ssh 'shukla@192.168.8.10'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
#####ON Server-1: 192.168.8.10
### Login as shukla and confirm following
1> permission of /home/shukla/.ssh 700
$ ls -lrthd .ssh/
drwx------ 2 shukla shukla 4.0K Mar 12 13:51 .ssh/
2> permission of /home/shukla/.ssh/authorized_keys 600
$ ls -lrth .ssh/
-rw------- 1 shukla shukla 614 Mar 12 13:51 authorized_keys
########### Now login as shirish on Client-1:192.168.8.20
## ssh shukla@192.168.8.10
------------------------------------------------------>> It will not prompt for password
# Faced any problem Feedback in above contact me
#===============================Scratch=============================#
# AND Many More .....................Linux is Endless #
#=========================== Hope you Liked IT ========================#
# SSH-I -- BY Shirish Shukla #
# RHC Engineer 2010 #
# shirish.linux@gmail.com #
# shirishlinux.blogspot.com #
# "Give Respect To Time One Day At Right Time, Time Will Respect You" #
#=================================================================#
# TRy Hard theres nothing that are un-achievable by HARDdd-WORKkk #
#=================================================================#
You would be better off to use a passphrase on the key and use ssh-agent to negotiate the use of the key. Without a passphrase, anyone who has access to your key can obtain access to your servers.
ReplyDeleteYes we can do so, I recommend above for internal local server to perform any internal activity like rsync and so...
ReplyDelete-------> Shirish Shukla