Archive for November, 2011

Passwordless Log in to Linux

Saturday, November 5th, 2011

I was annoyed with having to enter passwords across multiple machines multiple times. this is something straight-forward..

On the Server (Machine to connect to):

Ensure PublicKeyAuthentication and RSA Authentication is accepted

vi /etc/ssh/sshd_config

Uncomment lines:

RSAAuthentication yes
PubkeyAuthentication yes

Restart SSH server

CentOS / RHEL / Fedora / Redhat Linux Restart SSH
# /etc/init.d/sshd restart
# service sshd restart

Debian / Ubuntu Linux Restart SSH
# /etc/init.d/ssh restart
# service ssh restart

FreeBSD Restart SSH
# /etc/rc.d/sshd restart

UNIX Restart SSH
# kill -HUP `cat /var/run/`

On the Client (Machine to connect from)

Create public/private keypairs (~/.ssh/id_rsa and ~/.ssh/

ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/aalap/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/aalap/.ssh/id_rsa.
Your public key has been saved in /home/aalap/.ssh/

Although it is very much possible to copy the contents of ~/.ssh/ (on the client) to ~/.ssh/authorized_keys (on the server), it is easier to do it from the client side using ssh-copy-id

ssh-copy-id -i ~/.ssh/ username@remote_host

Okay, I have multiple machines to connect to: What should I do? Use the same key-pair?
Yes, you probably can, what that means is that if its gets compromised you will have to go to each and every system you use the same shared key on and revoke the public key manually. There is a security risk but it works fine.