Home » forums » Linux Support » Debian Support

passwordless SSH login

byo71's picture
Submitted by byo71 on Thu, 2007-09-27 02:54. Communications | Debian Support

need to run scripts on another server but dont want to have to include your passwords in the scripts?
Use RSA logins instead.
This uses a pre-generated set of public RSA keys to authenticate sessions rather than having to enter passwords.

On the machine you wish to log in from:

$ ssh-keygen -t rsa

make sure to leave the passphrase blank!

$ ssh-copy-id -i ~/.ssh/id_rsa.pub username@server

you will be prompted for the user's password to authenticate the key transfer.

This message will appear when the transfer is complete:

"
Now try logging into the machine, with "ssh 'username@server'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.
"

Now you have passwordless login working! Now you can just:

$ ssh username@server

and you will be logged in without the remote system asking for a password.

Script away!

» login or register to post comments | previous forum topic | next forum topic
byo71's picture

One more thing.

Submitted by byo71 on Thu, 2007-09-27 03:07.

If the remote server doesn't allow public key based logins you will need to updated the SSH configuration. To do this edit the file /etc/sshd/sshd_config with your favorite text editor.

You will need to uncomment, or add, the following two lines:

RSAAuthentication yes
PubkeyAuthentication yes

Once that's been done you can restart the SSH server - don't worry this won't kill existing sessions:

/etc/init.d/ssh restart

If your problem is you see a message similar to the following on the remote machine, in the file /var/log/auth:

Jun 3 10:23:57 localhost sshd[18461]: Authentication refused:
bad ownership or modes for directory /home/skx/.ssh

To fix this error you need to login to the machine (with your password!) and run the following command:

$ cd ~
$ chmod 700 .ssh

» parent | login or register to post comments