SSH is often used to login from one
machine to another machine, There are number of methods to achieve this but
mostly in every method it requires authentication..... It also does requires
authentication but for one time only i.e. for the first time you need to do a
setup and for rest of the times when you will try to login via ssh it will not
ask for any password.
For achieving this you just need to
generate your own personal set of private/public key pair. ssh-keygen is used
to generate that key pair for you.
A HOWTO for generating your own
private/public key pair is given below:
Firstly generate your private/public
key pair by following command:
[root@linuxforfreshers.com Desktop]$
ssh-keygen -t rsa
Generating public/private rsa key
pair.
Enter file in which to save the key
(/home/root/.ssh/id_rsa): [Press enter if you want to save your keys to default
location]
Enter passphrase (empty for no
passphrase): [Enter your passphrase]
Enter same passphrase again: [Enter your passphrase again to verify]
Your identification has been saved in
/home/root/.ssh/id_rsa.
Your public key has been saved in
/home/root/.ssh/id_rsa.pub.
The key fingerprint is:
52:17:88:67:f9:ae:03:e2:59:39:97:f9:7d:95:b6:ed
root@linuxforfreshers.com
The key's randomart image is:
+--[ RSA 2048]----+
|
. o. |
|
. = . |
|
o... |
|
. .. |
|
..S+ .|
|
. =.+ . o.|
|
. + + o . ..o|
|
o o . . ...|
| .
. .E|
+-----------------+
Now just copy your public key to
remote machine, in this case I have generated key pair for server.example.com
and copied server's public key to client's machine via following command.
[root@linuxforfreshers.com .ssh]$
ssh-copy-id -i ~/.ssh/id_rsa.pub client@192.168.86.129
client@192.168.86.129's password: [Enter the password for the first time]
Now try logging into the machine, with
"ssh 'client@192.168.86.129'", and check in:
cat
/home/client/ .ssh/authorized_keys
Now when you will try to login to
client's machine it will not prompt for the password.
[root@linuxforfreshers.com ~]$ ssh
client@192.168.86.129
Last login: Thu Dec 9 10:45:35 2015 from server.redhat.com
No comments:
Post a Comment