RSA Secure Shell passwordless authorization
When someone must everyday connect to the same UNIX / Linux server, make non-interactive permanent secure link between servers and use shell scripts for tasks automation-constantly entering user password could be annoying, insecure or, in addition, totally impossible for some tasks.
Therefore, to make your admin life rather more cozy and every day routines more productive use the next short workflow, what is the best for this purpose.
Every step below could be executed in multiple ways: via strict command line, graphical user interface, and local terminal or remote administration tools. Hence, the man can choose the easiest way to act.
Also, having two endpoints: user1@172.172.0.10 and user5@172.172.0.50:
- First, the generation of a pair of authentication keys at source host user1@172.172.0.10.
user1@172.172.0.10:~> ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/user1/.ssh/id_rsa): Created directory '/home/user1/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user1/.ssh/id_rsa. Your public key has been saved in /home/user1/.ssh/id_rsa.pub. The key fingerprint is: 7e:4c:07:98:3b:4f:69:7f:8b:ae:d9:85:77:bb:37:e8
DO NOT ENTER PASSPHRASE above. Hence, the RSA key – is already encrypted and consists of intricate symbol combinations, which are occasionally impossible to guess or remember.
- As a next step, create key-storage authorized_keys at destination host user5@172.172.0.50.Via Midnight Commander visual console editor:
-
create directory /home/user5/.ssh (accordingly, with rights 700)
-
save content of .ssh/id_rsa.pub from user1@172.172.0.10 to file authorized_keys inside (accordingly, with rights 640)
-
- Finally, as a result,- you are now able to log in from the source host to the destination without any password:
user1@172.172.0.10:~>ssh user5@172.172.0.50 user5@172.172.0.50:~>