SSH (Secure SHELL) is an open source and most trusted networkprotocol that is used to login into remote servers for execution of commandsand programs. It is also used to transfer files from one computer to anothercomputer over the network using secure copy (SCP) Protocol.
In this article we will show you how to setuppassword-less login using ssh keys to connect to remote Linux servers without entering password. Using Password-less login with SSH keys will increasethe trust between two Linux servers for easy file synchronization or transfer.
If you are dealing with number of Linux remote servers,then SSH Password-less login is oneof the best way to automate tasks such as automatic backups with scripts,synchronization files using scp and remote command execution.
In this example we will setup SSH password-less automaticlogin from server 192.168.1.1 as user tecmint to 192.168.1.2 with user sheena.
Step 1: Create AuthenticationSSH-Kegen Keys on – (192.168.1.1)
First login into server 192.168.1.1 with user tecmint and generatea pair of public keys using following command.
[tecmint@tecmint.com ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key(/home/tecmint/.ssh/id_rsa): [Press enter key]
Created directory '/home/tecmint/.ssh'.
Enter passphrase (empty for no passphrase): [Pressenter key]
Enter same passphrase again: [Press enter key]
Your identification has been saved in/home/tecmint/.ssh/id_rsa.
Your public key has been saved in/home/tecmint/.ssh/id_rsa.pub.
The key fingerprint is:
af:bc:25:72:d4:04:65:d9:5d:11:f0:eb:1d:89:50:4ctecmint@tecmint.com
The key's randomart image is:
+--[ RSA 2048]----+
| ..oooE.++|
| o. o.o |
| .. . |
| o . . o|
| S. . + |
| .. . o|
| . oo ..|
| ++ |
| +. |
+-----------------+
Step 2: Create .sshDirectory on – 192.168.1.2
Use SSH fromserver 192.168.1.1to connect server 192.168.1.2 using sheena as user and create .sshdirectory under it, using following command.
[tecmint@tecmint ~]$ ssh sheena@192.168.1.2 mkdir -p .ssh
The authenticity of host '192.168.1.2 (192.168.1.2)' can't be established.
RSA key fingerprint is d6:53:94:43:b3:cf:d7:e2:b0:0d:50:7b:17:32:29:2a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.2' (RSA) to the list of known hosts.
sheena@192.168.1.2's password: [Enter Your Password Here]
Step 3: UploadGenerated Public Keys to – 192.168.1.2
Use SSH from server 192.168.1.1and upload new generated public key (id_rsa.pub) on server 192.168.1.2 under sheena‘s.sshdirectory as a file name authorized_keys.
[tecmint@tecmint ~]$ cat .ssh/id_rsa.pub | ssh sheena@192.168.1.2 'cat >> .ssh/authorized_keys'
sheena@192.168.1.2's password: [Enter Your Password Here]
Step 4: SetPermissions on – 192.168.1.2
Due to different SSH versions onservers, we need to set permissions on .ssh directory and authorized_keys file.
[tecmint@tecmint ~]$ ssh sheena@192.168.1.2 "chmod 700 .ssh; chmod 640 .ssh/authorized_keys"
sheena@192.168.1.2's password: [Enter Your Password Here]
Step 5: Login from192.168.1.1 to 192.168.1.2 Server without Password
From now onwards you can log into192.168.1.2as sheenauser from server 192.168.1.1 as tecmint user without password.
[tecmint@tecmint ~]$ ssh sheena@192.168.1.2