{"id":2811,"date":"2012-04-18T22:45:12","date_gmt":"2012-04-18T14:45:12","guid":{"rendered":"https:\/\/webhostinggeeks.com\/howto\/?p=2811"},"modified":"2023-06-22T17:00:27","modified_gmt":"2023-06-22T17:00:27","slug":"how-to-configure-ssh-without-password-on-linux","status":"publish","type":"post","link":"https:\/\/webhostinggeeks.com\/howto\/how-to-configure-ssh-without-password-on-linux\/","title":{"rendered":"How to SSH Without Password on Linux"},"content":{"rendered":"<p>In server administration, the ability to establish a Secure Shell (SSH) connection without the need for a password is a valuable skill. This tutorial will guide you through the process of setting up and configuring your Linux servers to allow password-less SSH connections. This setup can be particularly useful for automating tasks, such as copying data from one server to another. The steps outlined in this tutorial have been tested on CentOS 6.2, but they should also work on other CentOS versions and Red Hat Enterprise Linux versions.<\/p>\n<p>Before we dive in, it&#8217;s important to understand the roles of the two servers involved in this process. The client server, referred to as server2, is where the SSH session is initiated via the SSH command. The main server, referred to as server1, is where the SSH session from server2 connects to. This tutorial assumes that you are using the root account on CentOS 6.2.<\/p>\n<h2>Step 1: Configure \/etc\/hosts for Both Servers<\/h2>\n<p>The first step is to add and configure the \/etc\/hosts file on both servers (the SSH client and the SSH server). You can do this by opening the file with a text editor, such as vi:<\/p>\n<pre>\r\n[root@server1 ~]# vi \/etc\/hosts\r\n[root@server2 ~]# vi \/etc\/hosts\r\n<\/pre>\n<p>Add the following lines to the \/etc\/hosts file on both servers:<\/p>\n<pre>\r\n192.168.1.44 server1\r\n192.168.1.48 server2\r\n<\/pre>\n<h2>Step 2: Create a Hidden SSH Directory on Server2<\/h2>\n<p>Next, log in as root to server2 and create a hidden directory called ssh under your account:<\/p>\n<pre>\r\n[root@server2 ~]# mkdir -p $HOME\/.ssh\r\n<\/pre>\n<p>Set the permissions for this directory as follows:<\/p>\n<pre>\r\n[root@server2 ~]# chmod 0700 $HOME\/.ssh\r\n<\/pre>\n<h2>Step 3: Configure SSH Keys Authentication on Server2<\/h2>\n<p>Now, it&#8217;s time to configure SSH Keys Authentication. You can do this by typing the following command:<\/p>\n<pre>\r\n[root@server2 ~]# ssh-keygen\r\n<\/pre>\n<p>When prompted, press enter until the process ends. Also, press enter for the passphrase:<\/p>\n<pre>\r\nGenerating public\/private rsa key pair.\r\nEnter file in which to save the key (\/root\/.ssh\/id_rsa):\r\nEnter passphrase (empty for no passphrase):\r\nEnter same passphrase again:\r\nYour identification has been saved in \/root\/.ssh\/id_rsa.\r\nYour public key has been saved in \/root\/.ssh\/id_rsa.pub.\r\n<\/pre>\n<p>The key fingerprint and the key&#8217;s randomart image will be displayed. Like that:<\/p>\n<pre>\r\nThe key fingerprint is:\r\n83:20:f0:1d:11:db:7e:e9:be:d6:ed:a2:e7:f1:ac:34 root@server2\r\n\r\nThe key's randomart image is:\r\n+--[ RSA 2048]----+\r\n|.   +o           |\r\n| o . +           |\r\n|  o + .          |\r\n|   . o . .       |\r\n|      o S        |\r\n|       o .       |\r\n|        ..E.     |\r\n|       ...+=.    |\r\n|       .+=o++    |\r\n+-----------------+\r\n<\/pre>\n<h2>Step 4: Verify the Files Generated by the ssh-keygen Command<\/h2>\n<p>After generating the SSH keys, you should verify the files that were produced by the ssh-keygen command. Normally, these files are automatically stored under $HOME\/.ssh:<\/p>\n<pre>\r\n[root@server2 ~]# ls $HOME\/.ssh\r\nid_rsa id_rsa.pub\r\n<\/pre>\n<h2>Step 5: Create a Hidden SSH Directory on Server1<\/h2>\n<p>Now, log in as root to server1 and create a hidden directory called ssh under your account:<\/p>\n<pre>\r\n[root@server1 ~]# mkdir -p $HOME\/.ssh\r\n<\/pre>\n<p>Set the permissions for this directory as follows:<\/p>\n<pre>\r\n[root@server1 ~]# chmod 0700 $HOME\/.ssh\r\n<\/pre>\n<h2>Step 6: Copy the Public Key to Server1<\/h2>\n<p>From server2, copy over the id_rsa.pub (public key) to server1:<\/p>\n<pre>\r\n[root@server2 ~]# scp $HOME\/.ssh\/id_rsa.pub root@server1:$HOME\/.ssh\r\n<\/pre>\n<p>You will be prompted about the authenticity of host &#8216;server1&#8217;. Type &#8216;yes&#8217; to continue connecting. You will then be asked for the root password for server1.<\/p>\n<h2>Step 7: Export the Public Key to authorized_keys on Server1<\/h2>\n<p>On server1, navigate to the ssh directory and execute these commands:<\/p>\n<pre>\r\n[root@server1 ~]# cd $HOME\/.ssh\r\n<\/pre>\n<p>Export the id_rsa.pub key to authorized_keys:<\/p>\n<pre>\r\n[root@server1 .ssh]# cat id_rsa.pub >> $HOME\/.ssh\/authorized_keys\r\n<\/pre>\n<p>Set the permissions for the authorized_keys file as follows:<\/p>\n<pre>\r\n[root@server1 .ssh]# chmod 0600 $HOME\/.ssh\/authorized_keys\r\n<\/pre>\n<h2>Step 8: Test the SSH Connection<\/h2>\n<p>You have now successfully configured SSH without a password. From now on, you can log into server1 as root from server2 without needing a password:<\/p>\n<pre>\r\n[root@server2 ~]# ssh root@server1\r\n<\/pre>\n<h2>Commands Mentioned<\/h2>\n<ul>\n<li><span class=\"fw-bold\">vi \/etc\/hosts<\/span> \u2013 Opens the \/etc\/hosts file in the vi text editor.<\/li>\n<li><span class=\"fw-bold\">mkdir -p $HOME\/.ssh<\/span> \u2013 Creates a hidden directory called ssh under your account.<\/li>\n<li><span class=\"fw-bold\">chmod 0700 $HOME\/.ssh<\/span> \u2013 Sets the permissions for the .ssh directory.<\/li>\n<li><span class=\"fw-bold\">ssh-keygen<\/span> \u2013 Generates SSH keys.<\/li>\n<li><span class=\"fw-bold\">ls $HOME\/.ssh<\/span> \u2013 Lists the files in the .ssh directory.<\/li>\n<li><span class=\"fw-bold\">scp $HOME\/.ssh\/id_rsa.pub root@server1:$HOME\/.ssh<\/span> \u2013 Copies the public key to server1.<\/li>\n<li><span class=\"fw-bold\">cat id_rsa.pub >> $HOME\/.ssh\/authorized_keys<\/span> \u2013 Exports the public key to authorized_keys.<\/li>\n<li><span class=\"fw-bold\">chmod 0600 $HOME\/.ssh\/authorized_keys<\/span> \u2013 Sets the permissions for the authorized_keys file.<\/li>\n<li><span class=\"fw-bold\">ssh root@server1<\/span> \u2013 Logs into server1 as root from server2.<\/li>\n<\/ul>\n<h2>Conclusion<\/h2>\n<p>By following the steps outlined in this tutorial, you have successfully configured your Linux servers to allow SSH connections without the need for a password. This setup is particularly useful for automating tasks and streamlining your server administration workflow.<\/p>\n<p>Remember, the steps provided in this tutorial have been tested on CentOS 6.2, but they should also work on other CentOS versions and Red Hat Enterprise Linux versions. Always ensure that you are logged in as root when performing these steps for the best results.<\/p>\n<h2>Frequently Asked Questions<\/h2>\n<ol itemscope itemtype=\"https:\/\/schema.org\/FAQPage\">\n<li itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\">\n<p class=\"fw-bold\" itemprop=\"name\">What is the purpose of SSH keys?<\/p>\n<p itemprop=\"acceptedAnswer\" itemscope itemtype=\"https:\/\/schema.org\/Answer\">\n                <span itemprop=\"text\">SSH keys serve as a means of identifying yourself to an SSH server using public-key cryptography and challenge-response authentication. This is a more secure and convenient method than the traditional password authentication.<\/span>\n            <\/p>\n<\/li>\n<li itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\">\n<p class=\"fw-bold\" itemprop=\"name\">Why would I want to set up SSH without a password?<\/p>\n<p itemprop=\"acceptedAnswer\" itemscope itemtype=\"https:\/\/schema.org\/Answer\">\n                <span itemprop=\"text\">Setting up SSH without a password can streamline your workflow by eliminating the need to manually enter a password each time you connect to the server. It also enables you to automate tasks that involve connecting to the server, such as data transfers or running scripts.<\/span>\n            <\/p>\n<\/li>\n<li itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\">\n<p class=\"fw-bold\" itemprop=\"name\">Is it safe to use SSH without a password?<\/p>\n<p itemprop=\"acceptedAnswer\" itemscope itemtype=\"https:\/\/schema.org\/Answer\">\n                <span itemprop=\"text\">Yes, using SSH without a password is safe as long as you keep your private key secure. The private key is used to authenticate your connection, and if it falls into the wrong hands, it could be used to access your server. Therefore, it&#8217;s crucial to protect your private key and ensure it&#8217;s stored in a secure location.<\/span>\n            <\/p>\n<\/li>\n<li itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\">\n<p class=\"fw-bold\" itemprop=\"name\">What is the role of the authorized_keys file in SSH authentication?<\/p>\n<p itemprop=\"acceptedAnswer\" itemscope itemtype=\"https:\/\/schema.org\/Answer\">\n                <span itemprop=\"text\">The authorized_keys file in SSH authentication plays a crucial role. It contains all the public keys of users allowed to authenticate to the system. When a user tries to connect, the server checks the authorized_keys file for the user&#8217;s public key. If a match is found, the server uses it to verify the user&#8217;s identity.<\/span>\n            <\/p>\n<\/li>\n<li itemscope itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\">\n<p class=\"fw-bold\" itemprop=\"name\">What is the difference between the id_rsa and id_rsa.pub files?<\/p>\n<p itemprop=\"acceptedAnswer\" itemscope itemtype=\"https:\/\/schema.org\/Answer\">\n                <span itemprop=\"text\">The id_rsa file is your private key, while the id_rsa.pub file is your public key. The private key should be kept secret and secure, as it can be used to access systems that recognize your public key. The public key, on the other hand, can be shared freely and is used by servers to verify your identity.<\/span>\n            <\/p>\n<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>In server administration, the ability to establish a Secure Shell (SSH) connection without the need for a password is a valuable skill. This tutorial will guide you through the process&#8230;<\/p>\n","protected":false},"author":6,"featured_media":2824,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"wds_primary_category":0,"footnotes":""},"categories":[1058],"tags":[1244,1253,1536,1546,1623,1624],"class_list":["post-2811","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ssh","tag-centos","tag-centos-6-2","tag-linux","tag-linux-utilities","tag-openssh-client","tag-openssh-server"],"_links":{"self":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/posts\/2811","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/comments?post=2811"}],"version-history":[{"count":0,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/posts\/2811\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/media\/2824"}],"wp:attachment":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/media?parent=2811"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/categories?post=2811"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/tags?post=2811"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}