If you want to SSH login without password or automate your task between two servers, you need to setup SSH login via certificate.
This topic has detail steps on How to setup an SSH cetificate.
Step1: Generating RSA key
You login to your server and type the following command:
[root@lifelinux~]#ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: a5:4c:29:3f:92:be:ee:41:03:8d:aa:59:c0:3e:f1:85 root@lifelinux
The command ssh-keygen -t rsa initiated the creation of the key pair.
No passphrase your was entered.
After this is completed, two files generated. The private key was saved in .ssh/id_rsa and public key was saved in .ssh/id_rsa.pub
Copy the public key to .ssh/authorized_keys with command:
[root@lifelinux~]#cat .ssh/id_rsa.pub >> .ssh/authorized_keys
Step2: Edit SSH config
[root@lifelinux~]#vi /etc/ssh/sshd_config
Make sure that the following settings as shown:
RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys PasswordAuthentication no
Step3: Restart SSH service
[root@lifelinux~]#/etc/init.d/sshd restart
Please note that for Putty you will need to import the generated private key into puttygen and export it into a new private key. This is because Putty does not support the SSH generated private key.
Related Posts:
- Linux Password Protect Files
- How To Flush The Entire Contents Of Memcache Server
- How To Extract RAR Files Under Linux
- How To Find Hard Drive Specifications
- 10 lsof Command Examples
- How To Install Monit On Centos / Redhat
- How To Install Subversion (SVN) Extension Working With PHP 5.3
- How To Setup Iptables Firewall For A Web Server On CentOS
- How Do I Fix “Host is blocked because of many connection error” In MySQL
- How To Start / Shutdown / Reboot Guest Operating Systems With virsh Command On KVM
{ 2 trackbacks }
{ 3 comments… read them below or add one }
Hey YZF
PasswordAuthentication yes
duh
When i follow this article i need to copy the rsa private key to the conecting client. Is this a vialation of the private-/ public-key infrastucture concept, isn’t it?
https://en.wikipedia.org/wiki/Public-key_infrastructure
Philipp <
You're right. This article is pretty much the exact opposite of what you should do (distributing the server's private key to the client).
The correct thing to do is generate a key pair on the client, then add the client's public key to the server's authorized_keys file