How to access Linux ssh servers password-less in Linux

If you happened to run Linux and have multiple linux servers, here’s a short how to access them password-less.

  1. First we need to generate some keys:
    ssh-keygen -t dsa
  2. Then we copy them over to the remote server:
    scp .ssh/id_dsa.pub user@someserver:/somepath
  3. Then we copy the key to the authorized_keys file:
    cat id_dsa.pub >> .ssh/authorized_keys
  4. Then as a security measure we chmod it:
    chmod 644 .ssh/authorized_keys
  5. Logout and try login in again. Hurra!

Important note:

Please set a password for your keychain. It’s a very insecure if you set no password for it. Somebody can eventually get your public key and access your servers without passwords. If you set password it will ask only at first time and keep in the session.

Password-less ssh logins are done via keychain. Here’s a small excerpt from the Gentoo Wiki:

Many of us use the excellent OpenSSH as a secure, encrypted replacement for the venerable telnet and rsh commands. One of OpenSSH’s (and the commercial SSH2’s) intriguing features is its ability to authenticate users using the RSA and DSA authentication protocols, which are based upon a pair of complementary numerical “keys”. And one of the main appeals of RSA and DSA authentication is the promise of being able to establish connections to remote systems without supplying a password. The keychain script makes handling RSA and DSA keys both convenient and secure. It acts as a front-end to ssh-agent, allowing you to easily have one long-running ssh-agent process per system, rather than per login session. This dramatically reduces the number of times you need to enter your passphrase from once per new login session to once every time your local machine is rebooted.

September 26, 2008 | Filed Under Linux 

Comments

Leave a Reply

You must be logged in to post a comment.

Categories


Clicky Web Analytics