SSH login without password
You want to use Linux and OpenSSH to automize your tasks. Therefore you need an automatic login from host A / user a to Host B / user b. You don't want to enter any passwords, because you want to call ssh from a within a shell script or you are just lazy.
First log in on A as user a and generate a pair of authentication keys. Do not enter a passphrase:
a@A:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa):
Created directory '/home/a/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A
Now use ssh to create a directory ~/.ssh as user b on B.
(The directory may already exist, which is fine):
a@A:~> ssh b@B mkdir -p .ssh
b@B's password:
Finally append a's new public key to b@B:.ssh/authorized_keys
and enter b's password one last time:
a@A:~> cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
b@B's password:
From now on you can log into B as b from A as a without password:
a@A:~> ssh b@B
b@B:~>
If you still get a password prompt, check the permissions of you local ~/.ssh and the remote ~/.ssh directory.
Both should look like this
drwx------ 2 a users 4096 Jan 23 2006 .ssh
only read/writeable by you.
If this does not help, change the following option on the remote sshd config:
#LogLevel INFO
to
LogLevel DEBUG
This should tell you the reason why the passwordless login was not possible.
As soon as you fixed it, restore the LogLevel option, according to the sshd manpage "Logging with a DEBUG level violates the privacy of users and is not recommended."
Author: Mathias Kettner
http://linuxproblem.org/auth_1.html
rate this article:current rating: average rating: 1.3 (186 votes) (1=very good 6=terrible)
Your rating:
back