Configure SSH Passwordless Login Authentication (SSH-keygen)

ssh, passwordless login, ssh keygen, configure passwordless login, enable password less login, password less authentication, configure password less ssh login

This post shows you how to configure SSH password less login authentication for users on Linux Servers. SSH (Secure Shell) is a default protocol used to connect linux server remotely with valid users credentials (Username and Password).


Configure SSH Passwordless Login Authentication

Enabling SSH password less authentication helps us to perform some automated tasks using scripts or to avoid entering username and passwords for everytime. Lets see how to enable password less login authentication.

Let's take an example to enable SSH password less login authentication from node1.learnitguide.net (Source Server) to node2.learnitguide.net (Target Server).

Lab Environment:
Source server Name : node1.learnitguide.net
User on Source server : root

Target / Destination Server Name : node2.learnitguide.net
User on Destination Server : root

Also Watch this "SSH password less login" Tutorial video on our YouTube Channel.


Step 1 : Create a authentication key pairs using ssh-keygen

Login into "node1.learnitguide.net" with user (root) from which you try to connect to target or destination server (node2.learnitguide.net). Once you have logged in and use ssh-keygen command.

ssh-keygen is a tool available default in linux used to create a ssh authentication key pairs. ssh-keygen can create RSA keys, DSA keys, ECDSA keys, ED25519 keys.

By default, ssh-keygen will generate an RSA key pairs with one public and private key. If you want to generate any other type of keys (DSA keys, ECDSA keys, ED25519 keys), it must be specified with -t option along with ssh-keygen command. (ssh-keygen -t dsa). For this example, I just go with rsa key hence I use ssh-keygen command without any arguments.
[root@node1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): <== Hit Enter
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): <== Hit Enter
Enter same passphrase again: <== Hit Enter
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
3a:25:c0:2e:3c:29:9d:b1:f7:6e:39:1e:0b:db:4f:98 root@node1.learnitguide.net
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|   .             |
|  . o            |
| o * .           |
|. O o . S        |
| . + . *         |
|    . E..        |
|     =+=         |
|    .o=o.        |
+-----------------+
[root@node1 ~]#
Once you have executed ssh-keygen command, it is generated a private and public key pairs under the home directory of user by whom you have executed the ssh-keygen command.
[ads-post]
[root@node1 ~]# ll ~/.ssh/
total 12
-rw------- 1 root root 1675 Jun 16 20:21 id_rsa
-rw-r--r-- 1 root root  410 Jun 16 20:21 id_rsa.pub

-rw-r--r-- 1 root root  183 Jun 16 20:51 known_hosts
where, id_rsa is a private key with RSA encryption and id_rsa.pub is a public key with RSA encryption.

Step 2 : Copy SSH public key from node1 (source) to node2 (target)

Once you have private and public key, we must add the content of public key to the target server under the target user's home directory. It can be done in two ways,

1. Login into target server and add a public key content manually
2. Use ssh-copy-id command to add remotely with "-i" option by specifying the public key to be copied.

We recommend to use ssh-copy-id command to avoid any human errors.
[root@node1 ~]# ssh-copy-id -i /root/.ssh/id_rsa root@node2.learnitguide.net
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2.learnitguide.net's password:
Number of key(s) added: 1
Now try logging into the machine, with:   "ssh 'root@node2.learnitguide.net'"
and check to make sure that only the key(s) you wanted were added.
[root@node1 ~]#
Public key is added to target server.

Step 3 : Verify password less authentication works or not

From node1 server, Try login into node2 target server to check password less login authentication is working or not.
[root@node1 ~]# ssh root@node2.learnitguide.net
Last failed login: Sat Jun 16 20:56:31 IST 2018 from 192.168.128.130 on ssh:notty
There was 1 failed login attempt since the last successful login.
Last login: Sat Jun 16 20:51:44 2018 from 192.168.2.10
[root@node2.learnitguide.net ~]#
Great. We are able to login to target server from source server without password prompt. So SSH password less login authentication is enabled as expected Similarly, you can configure SSH password less authentication between a source server to any number of target servers.

Support Us: Share with your friends and groups.

Stay connected with us on social networking sites, Thank you.
YouTube | Facebook | Twitter | Pinterest | Rss

Incoming Searches: ssh, create ssh key, enable ssh, configure passwordless login, enable password less login, password less authentication, enable password less ssh authentication, configure password less ssh login, how to configure ssh login without password, SSH Passwordless Login, generate ssh keys, generate ssh keys using ssh keygen, SSH Passwordless Login using ssh keygen, ssh keygen,passwordless login, centos ssh passwordless login, linux ssh passwordless login, ubuntu ssh passwordless login, setup ssh passwordless login, How Do I Generate SSH Keys, How to use ssh-keygen, ssh-keygen, Set up an SSH key
June 16, 2018

Post a Comment

[disqus][facebook][blogger]

Contact Form

Name

Email *

Message *

Powered by Blogger.
Javascript DisablePlease Enable Javascript To See All Widget