2009年10月23日 星期五

login a server without password in ssh environment

memo down interesting thing here. More Linux Remote Networking Tips and Tricks (part 2)

Here is the assumption:
SERVER - where the sshd is running
CLIENT - where the ssh is running


1. configure SERVER's sshd to accept encryption keys login, not only password logins.

in SERVER's /etc/ssh/sshd_config, enable following config line

RSAAuthentication yes
PubkeyAuthentication yes

then , ask sshd to read the config file again by sending SIGHUP to the running sshd

2. create encryption keys in CLIENT's.

# cd ~/.ssh
# ssh-keygen -t rsa -f user_SERVER
ssh-keygen -t rsa -f root_ora1
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in user_SERVER.
Your public key has been saved in user_SERVER.pub.
The key fingerprint is:
ea:3b:de:02:b6:38:d6:c5:9e:1a:68:fa:e7:64:50:35 user@CLIENT

3. install the public key to SERVER
# cd ~/.ssh
# ssh-copy-id -i user_SERVER user@SERVER
0
user@SERVER's password:
Now try logging into the machine, with "ssh 'user@SERVER'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.


4. create alias to save the typing.

# alias 2SERVER='ssh -i ~/.ssh/user_SERVER user@SERVER'

And you can run 2SERVER to login SERVER as user now.

沒有留言: