You want to use Linux/Unix and openSSH to automate your jobs and tasks. So you need automatic logins that don’t need to type your password when you connect from A host to B host.
Step 1:Check .ssh file
Ssh file is located under the user home directory.
#ls -ld .ssh ls: .ssh: No such file or directory #pwd home/testA
Step 2:Create Rsa-Dsa file.
DSA is faster in signing but slower verifying.DSA signature is smaller than RSA key which is the same size. An RSA 512 bits can be cracked also a 280 DSA. When creating an RSA or DSA key file if you don't need to specify any option press "Enter" for all questions.
#ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/testA/.ssh/id_rsa): Created directory ‘/home/testA/.ssh’. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/testA/.ssh/id_rsa. Your public key has been saved in /home/testA/.ssh/id_rsa.pub. The key fingerprint is: f6:fb:8f:ac:6a:38:7c:aa:1d:5e:69:c6:dc:70:67:be testA@Aserver[/shell] This command will generate two files which name id_rsa.pub and id_rsa. [shell]#ls -ld .ssh/id_rsa* -rw——- 1 testA testA 1675 Nov 24 05:11 .ssh/id_rsa -rw-r–r– 1 testA testA 396 Nov 24 05:11 .ssh/id_rsa.pub
Step 3:Create .ssh directory at B Server
Before copy, id_rsa.pub content to destination server run the same ssh-keygen command on destination B server.
Destination B server
#ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/testB/.ssh/id_rsa): Created directory ‘/home/testB/.ssh’. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/testB/.ssh/id_rsa. Your public key has been saved in /home/testB/.ssh/id_rsa.pub. The key fingerprint is: aa:a1:86:9a:bb:97:63:32:88:cd:69:54:a0:b6:23:0d testB@Bserver[/shell] [shell]#ls -ld .ssh/* -rw——- 1 testB testB 1675 Nov 24 05:21 .ssh/id_rsa -rw-r–r– 1 testB testB 396 Nov 24 05:21 .ssh/id_rsa.pub[shell] #pwd /home/testB
Step 4:Copy id_rsa.pub content to authorized_key
Run this command on the source (A) server.
# cat ~/.ssh/id_rsa.pub | ssh testB@serverB 'cat >> ~/.ssh/authorized_keys' The authenticity of host ‘localhost (127.0.0.1)’ can’t be established. RSA key fingerprint is 54:ab:52:fd:ff:7d:37:b7:75:73:2d:2f:5a:d8:5f:8d. Are you sure you want to continue connecting (yes/no)? yes //input yes for only one time. Warning: Permanently added ‘localhost’ (RSA) to the list of known hosts. testB@localhost’s password: //input your password for only one time #ssh testB@Bserver
TroubleShooting
Step 1:Check Permissions at both servers(A, B)
File | Permission |
id_rsa.pub | 644 |
.ssh | 700 |
authorized_keys | 644 |
User Home | 700 |
#[testA@Aserver ~]$ ls -ld .ssh/* -rw-r–r– 1 testA testA 396 Nov 24 05:30 .ssh/authorized_keys -rw——- 1 testA testA 1675 Nov 24 05:11 .ssh/id_rsa -rw-r–r– 1 testA testA 396 Nov 24 05:11 .ssh/id_rsa.pub -rw-r–r– 1 testA testA 792 Nov 24 05:27 .ssh/known_hosts [testA@Aserver ~]$ ls -ld .ssh/ drwx—— 2 testA testA 4096 Nov 24 05:30 .ssh/
Step 1:Check sshd file for authorized_keys
#cat /etc/ssh/sshd_config |grep AuthorizedKeysFile AuthorizedKeysFile .ssh/authorized_keys #service sshd restart
If authorized_keys configuration is not enabled please remove “#” then restart sshd service for Linux.