Tuesday, 31 July 2012

Password Less SSH Authentication in Linux

Password Less SSH Authentication in Linux

Here we shall configure two Linux (RHEL) Servers in such manner that one server can login on another Linux server without asking password.  This can be possible by using Public and Private Key combination of encryption and decryption.
                             Here we shall configure server1 and server2 servers in manner that server1 can ssh on server2 without password. Follow the below steps for password less authentication setup between two servers.

1.   Generate Public and Private Key on source server (server1)

We can use rsa or dsa encryption algorithm for generating keys. Here we shall use rsa algorithm in generation of public and private key.

[root@server1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
d3:f4:61:00:eb:5a:3b:4d:28:b1:93:c0:83:d4:1a:9e root@server1
The key's randomart image is:
+--[ RSA 2048]----+
|  ..    ...      |
| ..o.    . .     |
| ..++ . . . o    |
|  E  o = + o .   |
|      = S o .    |
|       = =       |
|      . o .      |
|         .       |
|                 |
+-----------------+

[root@server1 ~]# cd /root/.ssh/
[root@server1 .ssh]# ls -ltr
total 8
-rw-r--r-- 1 root root  395 Jul 31 12:49 id_rsa.pub
-rw------- 1 root root 1675 Jul 31 12:49 id_rsa
The Keys are generated under /root/.ssh Directory. Here id_rsa.pub is Public Key and id_rsa is Private Key.

During Key Generation it will ask to enter data in below lines so keep them default by simple press Enter.

Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.

2.   Create .ssh directory on server2.

[root@server2 ~]# mkdir /root/.ssh
[root@server2 ~]# chmod 600 /root/.ssh

Here Permission is very important on /root/.ssh directory otherwise password less authentication will not work.

3.   Copy Public key from server1 to Remote Server (server2) through SSH.

[root@server1 .ssh]# scp id_rsa.pub root@server1:/root/.ssh/authorized_keys

Now password less authentication setup has been completed.

4.   Testing by login on remote host.
We can test password less authentication by doing SSH from server1 to server2 server. If it doesn’t ask password it is successes.    
[root@server1 ~]# ssh root@server2
Last login: Mon Jul 30 20:04:52 2012 from 10.0.0.206
[root@server2 ~]#
         
We used above configuration for root user. We can make this setup for different user also instead of root. If we make setup for another user then we need to user that user’s home directory instead of root user’s directory for storing public and private key on servers.
 For Ex- Use /home/user/.ssh directory instead of /root/.ssh directory.
----------------------------------------------END----------------------------------------------------
Please write me at jitendrakumaryogi@gmail.com if facing issue with Linux problem.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)