Friday, December 21, 2007

SSH with no passwords..

This is quite handy, if you want to have a script to perform some activities on a remote host..
Very useful info can be found here and here.

This is what you have to do..

1. Generate a key-pair to be used in the ssh transactions.
You can use "ssh-keygen" to create a key pair..

ssh-keygen -t dsa -b 2048

This would create a dsa key of size 2048 bits.

If you prefer a rsa key, you can use something like below..
ssh-keygen -t rsa


Just press enter when it prompts for a password, otherwise you'll have to enter that password when you start ssh transaction.

I am not exactly sure which encryption method is better, may be i'll post something later, on that..( -when i know better )

2. Configuring the ssh server to trust the client's providing the newly created key.

Depending on the key type you selected, you will be able to find the public key of the key pair in your home directory inside .ssh/ if you didn't specify a separate location for the keys to be saved. Normally the key will be under a name like id_rsa.pub or is_dsa.pub

What you have to do is quite simple. Just copy the content of the key file, and put it in to the file $HOME/.ssh/authorized_keys on the OpenSSH server. $HOME is relative to the user you are loging in, as on the ssh server..
eg: if as root /root/.ssh/authorized_keys

No comments: