What's new
PGBlitz.com

Register Now! Find useful tips, Interact /w Community Members and join the part the Best Community on the Internet!

Guides HOWTO : SSH Without Password in two steps

M

MrDoob

Guest
SSH Without Password in two steps

In order to log in to the remote server, you can use your username and password. This is an obvious thing and this method is used frequently. Sometimes, however, you want to be able to access your server without a password – I do this a lot when working with automation-related tasks such as backups or tunnels. Public key authentication is the tool which can help you. Long story short – you will generate public and private key pair. The private key will be stored on your source computer (the one which will initialize the connection), the public will be copied to the computer or computers you want to connect to. Please note that whoever will possess your private key, will be able to log in to all computers you placed your public key on – keep your keys safe.
Here is how you can create a passwordless connection between two computers – let’s name it linuxHome and linuxRemote. Of course, you can perform the same operation in both directions if you want to.

Create an SSH key

You should use ssh-keygen command to create your SSH key. First, log in to your linuxHome computer on the account you want to use for passwordless communication. Once logged in, execute the command:
  1. [email protected]$ ssh-keygen
You will be asked for the file name (you can simply press Enter), and the passphrase (you should leave this empty). In the default configuration, your private key is saved in /home/myAccount/.ssh/id_rsa file. The public key is stored in /home/myAccount/.ssh/id_rsa.pub file. Of course, myAccount is replaced with the actual name of the user you logged in as.

Copy the SSH public key to the destination host

Nowadays the easiest way to copy your public key to the linuxRemote host is to use this command:
  1. [email protected]$ ssh-copy-id [email protected]
The tool will connect to the remote host and will ask you to provide the password for the [email protected] This is hopefully the last time you will need to use it.

Testing your connection

You should now be able to connect to your remote host without the password. Please try to run the following command:
  1. [email protected]$ ssh [email protected]
If there are no issues, you should be connected and you should not see the prompt for the password.


What if there is no ssh-copy-id on my source host?

On some older computers, there is no ssh-copy-id. In that case, you can copy your public key information using ssh. First, we will need to create the .ssh directory on the linuxRemote:
  1. [email protected]$ ssh [email protected] mkdir -p .ssh
Once the directory is created, we can copy public key information:
  1. [email protected]$ cat .ssh/id_rsa.pub | ssh [email protected] 'cat >> .ssh/authorized_keys'
From now on, you should be good to go.

Behind the scenes

As you can see from the above example, the public key is stored in the .ssh/authorized_keys file on the remote host. This file can store multiple keys (for example if you want to connect to the same account from different source accounts). This means that you should be careful when adding new keys to the file. The ssh-copy-id is taking care of this on its own. When using the ssh copy method, make sure that you are using ‘>>’ after cat – this will append to the file instead of replacing its contents.
When ssh connection is made, the public/private key authentication method is used first. If this one fails, you will be asked for the password. If you want to debug your ssh connection, you can simply use:
  1. [email protected]$ ssh [email protected] -v
This command will display verbose output of the ssh communication process and you can spot potential errors.

Thx to

 
M

MrDoob

Guest
SSH login without password using PuTTY

Login without password using Putty and SSH

The purpose of this article is to describe how to use Putty and RSA public/private keys to login to a server without the use of a password.

Determine if you are running 32 or 64 bit OS
In windows open the computer properties window by clicking Start then right-clicking computer and finally click on ‘properties.’ A new window will open detailing your computer’s information. Look under the System section for ‘System Type.’

Windows System Info 32/64 bit


Now download the correct version (32 or 64 bit) of both putty.exe and puttygen.exe from

http://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Putty.exe is the SSH client and puttygen.exe is an RSA and DSA key generation tool. You will need an RSA key to login using SSH without a password. The following procedure is used to generate the RSA key.

1) To generate your RSA keys, open the puttygen.exe tool.

PuTTY Key Generator


2) Click on the ‘Generate’ button. After you click the button, the key generator will ask that you move the mouse inside the blank area of the window. As you move the mouse, the progress bar will grow until the tool has captured enough random information based on your mouse movements
.
PuTTY Key Generator


3) When complete, you will see the window update with information about your new public key. Make sure the 'key comment' will not conflict with any other public keys already on the server (Not likely unless several people use this process on the same day to access the same account on the server) .

PuTTY Key Generator


4) Click on the ‘Save public key.’ You will upload this key to the server you wish to login to, so pick a useful name like ‘mypublickey’

5) Click on the ‘Save private key.’ Puttygen will open a pop-up window asking if you are sure you want to save the key without a passphrase to protect it.

Choose ‘Yes.’

This is the key that identifies your computer to the server, so store it in a secure place on your computer. You will need to enter this file into putty later, so make sure you remember where you saved it.

6) You are now finished with the puttygen.exe tool.

Close the program.

7) Move your public key from your local computer to the server using an (S)FTP client like Filezilla. Save the file in your home directory.

8) Open putty.exe and login to the server as you normally would.

9) If you have never used public/private keys to login from another system, you will need to create a new directory under your home directory called .ssh Use the following command
Code:
 mkdir .ssh
10) Now add the public key you generated earlier to a file called ‘authorized_keys’. If you have already setup passwordless login from other hosts then this file might already exist. Use the following command from your home directory

Code:
ssh-keygen -i -f mypublickey >> .ssh/authorized_keys
11) Set the permissions to restrict other users on the system from accessing this directories and files with the following command

Code:
 chmod go-rwx .ssh .ssh/authorized_keys
12) Now you can remove the original public key file with the following command

Code:
 rm mypublickey
13) Logout from the server then close putty (if it doesn’t close automatically)

14) Now we can configure putty to use the public/private keys to login without a password

15) Open putty.
At the configuration window, navigate to Connection->Data.

In the Auto-login username field enter your username on the server



16) Now navigate to Connection->SSH->Auth.

This is the screen where you tell putty where your private key is located. Click the ‘Browse’ button and find your private key.



17) Navigate to the ‘Session’ screen. Complete the host name field. Make sure the port is 22 and the connection type is SSH. Next enter a name in the ‘Saved Sessions’ field.



18) Click the ‘Save’ button in the middle of the window on the right side. You will probably want to click the ‘Open’ button because of its location, but that will not save your configuration.

19) Now click the ‘Open’ button. You will see the following pop-up window.

Click ‘Yes’



20) The next time you open putty, you will see your saved configuration in the space next to the ‘Save’ button, identified with the name you chose when saving the configuration. You can double click the name to open a session to the server without using a password.


21) If you have additional servers to you want to login to without a password start with step 7 for those servers.
 
Last edited by a moderator:
Assists Greatly with Development Costs

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.


Development Donations

 

Top NZB NewsGroups!

Members - Up To a 58% Discount!

Trending

Top