How to SSH Without Password on Linux

In server administration, the ability to establish a Secure Shell (SSH) connection without the need for a password is a valuable skill. This tutorial will guide you through the process of setting up and configuring your Linux servers to allow password-less SSH connections. This setup can be particularly useful for automating tasks, such as copying data from one server to another. The steps outlined in this tutorial have been tested on CentOS 6.2, but they should also work on other CentOS versions and Red Hat Enterprise Linux versions.

Before we dive in, it’s important to understand the roles of the two servers involved in this process. The client server, referred to as server2, is where the SSH session is initiated via the SSH command. The main server, referred to as server1, is where the SSH session from server2 connects to. This tutorial assumes that you are using the root account on CentOS 6.2.

Step 1: Configure /etc/hosts for Both Servers

The first step is to add and configure the /etc/hosts file on both servers (the SSH client and the SSH server). You can do this by opening the file with a text editor, such as vi:

[root@server1 ~]# vi /etc/hosts
[root@server2 ~]# vi /etc/hosts

Add the following lines to the /etc/hosts file on both servers:

192.168.1.44 server1
192.168.1.48 server2

Step 2: Create a Hidden SSH Directory on Server2

Next, log in as root to server2 and create a hidden directory called ssh under your account:

[root@server2 ~]# mkdir -p $HOME/.ssh

Set the permissions for this directory as follows:

[root@server2 ~]# chmod 0700 $HOME/.ssh

Step 3: Configure SSH Keys Authentication on Server2

Now, it’s time to configure SSH Keys Authentication. You can do this by typing the following command:

[root@server2 ~]# ssh-keygen

When prompted, press enter until the process ends. Also, press enter for the passphrase:

Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint and the key’s randomart image will be displayed. Like that:

The key fingerprint is:
83:20:f0:1d:11:db:7e:e9:be:d6:ed:a2:e7:f1:ac:34 root@server2

The key's randomart image is:
+--[ RSA 2048]----+
|.   +o           |
| o . +           |
|  o + .          |
|   . o . .       |
|      o S        |
|       o .       |
|        ..E.     |
|       ...+=.    |
|       .+=o++    |
+-----------------+

Step 4: Verify the Files Generated by the ssh-keygen Command

After generating the SSH keys, you should verify the files that were produced by the ssh-keygen command. Normally, these files are automatically stored under $HOME/.ssh:

[root@server2 ~]# ls $HOME/.ssh
id_rsa id_rsa.pub

Step 5: Create a Hidden SSH Directory on Server1

Now, log in as root to server1 and create a hidden directory called ssh under your account:

[root@server1 ~]# mkdir -p $HOME/.ssh

Set the permissions for this directory as follows:

[root@server1 ~]# chmod 0700 $HOME/.ssh

Step 6: Copy the Public Key to Server1

From server2, copy over the id_rsa.pub (public key) to server1:

[root@server2 ~]# scp $HOME/.ssh/id_rsa.pub root@server1:$HOME/.ssh

You will be prompted about the authenticity of host ‘server1’. Type ‘yes’ to continue connecting. You will then be asked for the root password for server1.

See also  How to Enable a Warning SSH Banner on CentOS 6.3

Step 7: Export the Public Key to authorized_keys on Server1

On server1, navigate to the ssh directory and execute these commands:

[root@server1 ~]# cd $HOME/.ssh

Export the id_rsa.pub key to authorized_keys:

[root@server1 .ssh]# cat id_rsa.pub >> $HOME/.ssh/authorized_keys

Set the permissions for the authorized_keys file as follows:

[root@server1 .ssh]# chmod 0600 $HOME/.ssh/authorized_keys

Step 8: Test the SSH Connection

You have now successfully configured SSH without a password. From now on, you can log into server1 as root from server2 without needing a password:

[root@server2 ~]# ssh root@server1

Commands Mentioned

  • vi /etc/hosts – Opens the /etc/hosts file in the vi text editor.
  • mkdir -p $HOME/.ssh – Creates a hidden directory called ssh under your account.
  • chmod 0700 $HOME/.ssh – Sets the permissions for the .ssh directory.
  • ssh-keygen – Generates SSH keys.
  • ls $HOME/.ssh – Lists the files in the .ssh directory.
  • scp $HOME/.ssh/id_rsa.pub root@server1:$HOME/.ssh – Copies the public key to server1.
  • cat id_rsa.pub >> $HOME/.ssh/authorized_keys – Exports the public key to authorized_keys.
  • chmod 0600 $HOME/.ssh/authorized_keys – Sets the permissions for the authorized_keys file.
  • ssh root@server1 – Logs into server1 as root from server2.
See also  How to Set MySQL root Password on CentOS 6.2

Conclusion

By following the steps outlined in this tutorial, you have successfully configured your Linux servers to allow SSH connections without the need for a password. This setup is particularly useful for automating tasks and streamlining your server administration workflow.

Remember, the steps provided in this tutorial have been tested on CentOS 6.2, but they should also work on other CentOS versions and Red Hat Enterprise Linux versions. Always ensure that you are logged in as root when performing these steps for the best results.

Frequently Asked Questions

  1. What is the purpose of SSH keys?

    SSH keys serve as a means of identifying yourself to an SSH server using public-key cryptography and challenge-response authentication. This is a more secure and convenient method than the traditional password authentication.

  2. Why would I want to set up SSH without a password?

    Setting up SSH without a password can streamline your workflow by eliminating the need to manually enter a password each time you connect to the server. It also enables you to automate tasks that involve connecting to the server, such as data transfers or running scripts.

  3. Is it safe to use SSH without a password?

    Yes, using SSH without a password is safe as long as you keep your private key secure. The private key is used to authenticate your connection, and if it falls into the wrong hands, it could be used to access your server. Therefore, it’s crucial to protect your private key and ensure it’s stored in a secure location.

  4. What is the role of the authorized_keys file in SSH authentication?

    The authorized_keys file in SSH authentication plays a crucial role. It contains all the public keys of users allowed to authenticate to the system. When a user tries to connect, the server checks the authorized_keys file for the user’s public key. If a match is found, the server uses it to verify the user’s identity.

  5. What is the difference between the id_rsa and id_rsa.pub files?

    The id_rsa file is your private key, while the id_rsa.pub file is your public key. The private key should be kept secret and secure, as it can be used to access systems that recognize your public key. The public key, on the other hand, can be shared freely and is used by servers to verify your identity.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *