Sometimes, as a Linux/Unix system admin, you require to login to remote servers, but if this is your daily task and you frequently login to remote servers, which are under your observation, then entering passwords every time to login feels annoying.
To resolve the above problem and save some time entering the password, you can set up passwordless SSH authentication in few simple steps.
The command used for this tutorial will be “ssh-keygen” and “ssh-copy-id” command. The first command will generate public and private keys and second will copy them to the remote server, though you will require user password that time.
This can be done for any active user in your Linux system. I have already made a tutorial on “how to do password less SSH” for Redhat Enterprise Linux 6, whose video is given below and similar process is also for RHEL 7 and below command line which are posted here are from Redhat Enterprise Linux 7/CentOS 7.
Steps to do Passwordless SSH
Step 1. ssh-keygen:
Enter “ssh-keygen -t rsa” command which will generate public/private RSA key pair as below. Please keep default values and when asked for the password, just press enter key. You don’t have to enter any password that time.
[pawan@dev1 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/pawan/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/pawan/.ssh/id_rsa.
Your public key has been saved in /home/pawan/.ssh/id_rsa.pub.
The key fingerprint is:
The key's randomart image is:
+--[ RSA 2048]----+
|.o . |
|. . . |
| . . = |
|= . * S |
|+. . o + . |
| oo o |
|o .+ . |
| ..oo |
-t: specify type: Specifies the type of key to create. The possible values are “rsa1” for protocol version 1 and “dsa”, “ecdsa” or “rsa” for protocol version 2.
Now to copy key generated in step 1 to remote server, just use “ssh-copy-id” command as shown below. It will ask you the password of the user one time.
[pawan@dev1 ~]$ ssh-copy-id -i 192.168.1.15
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.1.15'"
and check to make sure that only the key(s) you wanted were added.
Testing Password-less SSH
Now to test that you have done correct password less ssh setup, you will have to login to remote server. And this time the server should not ask you the password.
[pawan@dev1 ~]$ ssh firstname.lastname@example.org
Last login: Fri Mar 27 15:04:30 2015 from 192.168.1.13
[pawan@dev2 ~]$ uname -n
Below is the video which I created for this tutorial, please watch it and let me know your feedback.
The above video is created using Redhat Linux 6 as I told you above. If you have any issue, please comment below or email me. I will be happy to help you. Do not forget to subscribe to my email newsletter. It’s FREE!
Incoming search terms:
- what is use of ssh-copy-id -f