When we say password less authentication, we mean that the client authentication is carried out using public and private keys.
Generate public/private key pair
The ssh-keygen utility is used to generate the public/private key pair. The keys generated are stored under .ssh directory in the user home directory. The private key is never shared and stored in the local machine whereas the public key is distributed to the machines you want to login to.
Use the below command for generating RSA key pair
ssh-keygen.exe -t rsaCommand for generating DSA key pair
ssh-keygen.exe -t dsa
When executing the above command, you are prompted to enter the passphrase for the keys. Enter blank if you want to login to the remote machine without any password/passphrase prompt.
Note: Using keys without the passphrase is a security risk. Make sure that the permissions of the keys are set to read and write for the user only.
chmod 600 *
Copy public key to the server machineYou can use scp command to copy the public key to the server machine securely.
After generating the public/private key pair, the newly create public key (id_dsa.pub OR id_rsa.pub) are required to be copied to the server machine using any secure file transfer utility available.
scp ~/.ssh/id_rsa.pub user@server:/home/pankajt/id_rsa.pub
Update .ssh/authorized_keys file with the public keyUse the below command to update the authorized_keys file on the server
Append the contents of the public key copied on the server machine to the file .ssh/authorized_keys
cat id_rsa.pub >> .ssh/authorized_keys
Note: Change the permission of the file authorized_keys to read and write for the user only.
chmod 600 authorized_keys
Password less SSH login
Login using ssh.exe client utility. The client should be able to connect to the remote SSH server without any password or passphrase prompt.
1 comment :
Very good post thanks a lot for sharing with us by www.quizvook.com
Post a Comment