Published December 17th, 2007 by admin
How to Connect To Linux Hosts Without a Password (Key Authentication)
This guide assumes that you have an SSH server setup on your “server” and an SSH client set up on your client. (sudo apt-get install openssh-server & sudo apt-get install openssh-client respectively)
First from the client run the following command logged in as your normal user account:
ssh-keygen
(Leave the password blank if you do not want to supply it on login, but remember to guard the created cert with your life as it opens the door to anyone that finds it…)
This creates id_rsa and id_rsa.pub in the ~/.ssh directory.
Next we want to upload the pub file to the remote server/host that you want to connect to:
scp ~/.ssh/id_rsa.pub remoteuser@remotehost:~/
Now that it is uploaded we have to authorize it by connecting to the remote machine (ssh user@remotehost) and running the following on the remote host:
cat id_rsa.pub >> ~/.ssh/authorized_keys
and then:
rm id_rsa.pub
to delete the uploaded file.
If the remote host does not have key authentication enabled (should be by default), ssh the machine and edit the config file like such:
nano /etc/ssh/sshd_config
and add/change the following to options as such:
RSAAuthentication yes
PubkeyAuthentication yes
then reload the config:
/etc/init.d/ssh reload
At this point you can check to make sure that you are allowed to log in via your key and if that is the case you can disable password authentication.
Edit the config again:
nano /etc/ssh/sshd_config
and set the following:
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
reload the config:
/etc/init.d/ssh reload
That it. You are now on your way to more secure/hassle free SSH authentication.
Technorati Tags: SSH, key, authentication