Search This Blog

Tuesday, July 31, 2012

Login without password using ssh

At first install openssh client and server using following commands.
#sudo apt-get install openssh-client
#sudo apt-get install openssh-server

Lets assume that there are two machines A and B. You want to login from B to A without using password..

1) So from machine B give following commands.
# ssh-keygen

After that press enter for the file (i.e. let it use default file), then press enter when asked for entering password.

Example from my machine:


root@hpc-13:~/.ssh# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase): (PRESS ENTER)
Enter same passphrase again:  (PRESS ENTER)
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ac:d6:6a:b2:98:f6:8a:0f:df:76:af:a6:82:7c:4f:c1 root@hpc-13
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|                 |
|    .  .         |
|     E  S        |
|      .o         |
|o.   .o .        |
|.=o=+.+.         |
|.oB=*Ooo.        |
+-----------------+

2) Now use ssh-copy-id command to do rest of the things.

 # ssh-copy-id -i ~/.ssh/id_rsa.pub username@hostname_of_remote_machine(machine A in our case)

Example from my machine:

root@hpc-13:~/.ssh# ssh-copy-id -i ~/.ssh/id_rsa.pub user@hpc-12
The authenticity of host 'hpc-12 (10.192.19.158)' can't be established.
RSA key fingerprint is 3f:9b:b2:b2:8e:36:09:4b:92:4c:df:bd:d6:14:b7:9f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hpc-12,10.192.19.158' (RSA) to the list of known hosts.
user@hpc-12's password:
Now try logging into the machine, with "ssh 'user@hpc-12'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

3) Now try ssh to machine A

#ssh user@hostname_of_remote_machine(machine A in our case)

And you should be able to login without password.


No comments: