Difference between revisions of "Passwordless logins"
From Linuxintro
imported>ThorstenStaerk m |
imported>ThorstenStaerk |
||
| Line 1: | Line 1: | ||
| − | A passwordless login is possible via [[ssh]] if you have established a trust relationship between two computers like this: | + | A passwordless login is possible via [[ssh]] if you have established a trust relationship between two computers. |
| − | + | ||
| + | ;Goal: You want to log in using ssh to a computer. You do not want to enter a password, however it needs to be secured. | ||
| + | |||
| + | ;Solution: Establish a trust relationship so your desktop's ssh key is authorized on your server like this: | ||
| + | desktop:~ # ssh-keygen -t dsa | ||
Generating public/private dsa key pair. | Generating public/private dsa key pair. | ||
Enter file in which to save the key (/root/.ssh/id_dsa): | Enter file in which to save the key (/root/.ssh/id_dsa): | ||
| Line 9: | Line 13: | ||
The key fingerprint is: | The key fingerprint is: | ||
1c:9a:b8:03:ab:04:b3:7b:75:49:99:8c:51:79:5d:06 root@scorpio | 1c:9a:b8:03:ab:04:b3:7b:75:49:99:8c:51:79:5d:06 root@scorpio | ||
| − | + | desktop:~ # scp .ssh/id_dsa.pub root@server:~/.ssh/authorized_keys | |
| − | In this example, you create a key pair with no passphrase and distribute the public key from the computer '' | + | In this example, you create a key pair with no passphrase and distribute the public key from the computer ''desktop'' to ''server''. The user root from ''desktop'' no longer needs to authenticate with his password, he can log in to ''server'' from ''desktop'' with the [[command]] |
| − | + | desktop:~ # ssh server | |
| − | Welcome to | + | Welcome to server. |
| − | + | server:~ # | |
Revision as of 07:27, 6 April 2009
A passwordless login is possible via ssh if you have established a trust relationship between two computers.
- Goal
- You want to log in using ssh to a computer. You do not want to enter a password, however it needs to be secured.
- Solution
- Establish a trust relationship so your desktop's ssh key is authorized on your server like this:
desktop:~ # ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/root/.ssh/id_dsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_dsa. Your public key has been saved in /root/.ssh/id_dsa.pub. The key fingerprint is: 1c:9a:b8:03:ab:04:b3:7b:75:49:99:8c:51:79:5d:06 root@scorpio desktop:~ # scp .ssh/id_dsa.pub root@server:~/.ssh/authorized_keys
In this example, you create a key pair with no passphrase and distribute the public key from the computer desktop to server. The user root from desktop no longer needs to authenticate with his password, he can log in to server from desktop with the command
desktop:~ # ssh server Welcome to server. server:~ #
