Setting Up no-password SSH

Sometime we had a script for running process in remote machine. In this case, we need to setup SSH with no-password to remote another machine and run process what we need.
The basic idea is, however, that in the cryptosystem that ssh uses (RSA or/and DSA) the encription and decription are done using diferent keys
Basically, what the user (client) needs is to generate a public/private key pair. The server will know the public key, but only the client will know the private key.
When the client connects to the server, it tells its own public key. If this key is allowed (if it is between the know public keys list on the server), the server will send a randomic number to the client. This encripted number can only be decripted if the appropiate decription key is used, and this decription key is the client's private one. The client then uses then its own private key and decript the number. If this is done correctly, the server will grant the acces with no more questions. As you can see the system is safe, because the client never tells anybody about its private key; and this key cannot be inferred using the public one.
Now, we must generate a public/private key pair, and copy the public part into the appropiate place on the server side. In this example, we will use user root.
local>ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
A password will be asked, leave this part blank, just pressing <enter>
Now, go the .ssh directory, and you will find two new files: id_dsa and id_dsa.pub. The last one is the public part. Now, copy the public key to the server machine.
local> cd .ssh
local> scp id_dsa.pub user@remote:~/.ssh/id_dsa.pub
user@remote password:
id_dsa.pub 100% 604 0.0KB/s 00:00
Now, add the client's public key to the know public keys on the server
local> ssh user@remote
remote> cd .ssh
remote> cat id_dsa.pub >> authorized_keys2
remote> chmod 640 authorized_keys2
remote> rm id_dsa.pub
remote> exit
That's all. Now we can login use SSH to remote machine without password. But remember, this system will work while none of the machines change the IP address and for the specific user.
Reference :
- Caltech.edu
- wiki.corebsd.or.id
About You :
38.107.179.241
Browser :
Operating System :
Keep This Site Alive
Your Comment On Tutorial:
- Blocking Internet Explorer 6 w...
What is your favorite sitcom most? buy zithromax More... - Setting up a basic MikroTik ho...
Hello, I already tried 300x times to configure a M... More... - Load Balancing on MikroTik
aq coba load balancing . jk tak cabut dr provider ... More... - Setting up a basic MikroTik ho...
From the terminal: /ip hotspot reset-html From Win... More... - Setting Up no-password SSH
KOVAL ! why do you only respond to people who thre... More...

Comments
$ ssh-copy-id -i ~/.ssh/id_rsa.pub remote-user
As described here:
alexander.holbreich.org/.../...
RSS feed for comments to this post.