This tutorial post will help you with how to configure SSH passwordless login authentication for users on Linux Servers.
If you are interested in learning, Request you to go through the below recommended tutorial.
DevOps Full Course Tutorial for Beginners - DevOps Free Training Online
Docker Full Course Tutorial for Beginners - Docker Free Training Online
Kubernetes Full Course Tutorial for Beginners - Kubernetes Free Training Online
Ansible Full Course Tutorial for Beginners - Ansible Free Training Online
Openstack Full Course Tutorial for Beginners - Openstack Free Training Online
How to Configure SSH Passwordless Login Authentication (SSH-keygen)
SSH (Secure Shell) is a default protocol used to connect linux server remotely with valid users credentials (Username and Password).
Configure SSH passwordless authentication helps us to perform some automated tasks using scripts or to avoid entering username and passwords for everytime. Lets see how to enable password less login authentication.
Let's take an example to enable and configure SSH passwordless login authentication from node1.learnitguide.net (Source Server) to node2.learnitguide.net (Target Server).
Lab Environment:
Source server Name : node1.learnitguide.net
User on Source server : root
Target / Destination Server Name : node2.learnitguide.net
User on Destination Server : root
Also Watch this "Configure SSH passwordless login" Tutorial video on our YouTube Channel.
Step 1 : Create a authentication key pairs using ssh-keygen
Login into "node1.learnitguide.net" with user (root) from which you try to connect to target or destination server (node2.learnitguide.net). Once you have logged in and use ssh-keygen command.
ssh-keygen is a tool available default in linux used to create a ssh authentication key pairs. ssh-keygen can create RSA keys, DSA keys, ECDSA keys, ED25519 keys.
By default, ssh-keygen will generate an RSA key pairs with one public and private key. If you want to generate any other type of keys (DSA keys, ECDSA keys, ED25519 keys), it must be specified with -t option along with ssh-keygen command. (ssh-keygen -t dsa). For this example, I just go with rsa key hence I use ssh-keygen command without any arguments.
[root@node1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): <== Hit Enter
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): <== Hit Enter
Enter same passphrase again: <== Hit Enter
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
3a:25:c0:2e:3c:29:9d:b1:f7:6e:39:1e:0b:db:4f:98 root@node1.learnitguide.net
The key's randomart image is:
+--[ RSA 2048]----+
| |
| . |
| . o |
| o * . |
|. O o . S |
| . + . * |
| . E.. |
| =+= |
| .o=o. |
+-----------------+
[root@node1 ~]#
Once you have executed ssh-keygen command, it is generated a private and public key pairs under the home directory of user by whom you have executed the ssh-keygen command.
[root@node1 ~]# ll ~/.ssh/
total 12
-rw------- 1 root root 1675 Jun 16 20:21 id_rsa
-rw-r--r-- 1 root root 410 Jun 16 20:21 id_rsa.pub
-rw-r--r-- 1 root root 183 Jun 16 20:51 known_hosts
where, id_rsa is a private key with RSA encryption and id_rsa.pub is a public key with RSA encryption.
Step 2 : Copy SSH public key from node1 (source) to node2 (target)
Once you have private and public key, we must add the content of public key to the target server under the target user's home directory. It can be done in two ways,
1. Login into target server and add a public key content manually
2. Use ssh-copy-id command to add remotely with "-i" option by specifying the public key to be copied.
We recommend to use ssh-copy-id command to avoid any human errors.
[root@node1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@node2.learnitguide.net
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2.learnitguide.net's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@node2.learnitguide.net'"
and check to make sure that only the key(s) you wanted were added.
[root@node1 ~]#
Public key is added to target server.
Step 3 : Verify password less authentication works or not
From node1 server, Try login into node2 target server to check password less login authentication is working or not.
[root@node1 ~]# ssh root@node2.learnitguide.net
Last failed login: Sat Jun 16 20:56:31 IST 2018 from 192.168.128.130 on ssh:notty
There was 1 failed login attempt since the last successful login.
Last login: Sat Jun 16 20:51:44 2018 from 192.168.2.10
[root@node2.learnitguide.net ~]#
Great. We are able to login to target server from source server without password prompt. So SSH password less login authentication is enabled as expected Similarly, you can configure SSH passwordless authentication between a source server to any number of target servers.
Related Content on Linux might be useful to you to improve your Linux Skills.
How to Configure IP Address on Ubuntu using Netplan
How to Access Linux Server from Windows Remotely
Configure SSH Passwordless Login Authentication (SSH-keygen)
How to Create LVM Partition in Linux – LVM Tutorial
Install & Configure Samba Server on Linux (RHEL7 / CentOS7)
How to Access Linux Server from Windows Remotely
Configure SSH Passwordless Login Authentication (SSH-keygen)
How to Create LVM Partition in Linux – LVM Tutorial
Install & Configure Samba Server on Linux (RHEL7 / CentOS7)
Keep practicing and have fun. Leave your comments if any.
Stay connected with us on social networking sites, Thank you.