Difference between revisions of "Passwordless logins"

From Linuxintro
imported>ThorstenStaerk
imported>ThorstenStaerk
Line 13: Line 13:
 
  The key fingerprint is:
 
  The key fingerprint is:
 
  1c:9a:b8:03:ab:04:b3:7b:75:49:99:8c:51:79:5d:06 root@scorpio
 
  1c:9a:b8:03:ab:04:b3:7b:75:49:99:8c:51:79:5d:06 root@scorpio
  desktop:~ # scp .ssh/id_dsa.pub root@server:~/.ssh/authorized_keys
+
  desktop:~ # cat .ssh/id_dsa.pub | ssh root@server cat >> ~/.ssh/authorized_keys
 
In this example, you create a key pair with no passphrase and distribute the public key from the computer ''desktop'' to ''server''. The user root from ''desktop'' no longer needs to authenticate with his password, he can log in to ''server'' from ''desktop'' with the [[command]]
 
In this example, you create a key pair with no passphrase and distribute the public key from the computer ''desktop'' to ''server''. The user root from ''desktop'' no longer needs to authenticate with his password, he can log in to ''server'' from ''desktop'' with the [[command]]
 
  desktop:~ # ssh server
 
  desktop:~ # ssh server
 
  Welcome to server.
 
  Welcome to server.
 
  server:~ #
 
  server:~ #

Revision as of 02:22, 17 April 2009

With Linux, it is possible to log in to a remote computer without having to type a password. You authenticate yourself with your "digital signature" and your public key.

Goal
You want to log in using ssh to a remote computer. You do not want to enter a password, but you want maximum security.
Solution
Establish a trust relationship so your desktop's ssh key is authorized on your server like this:
desktop:~ # ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
1c:9a:b8:03:ab:04:b3:7b:75:49:99:8c:51:79:5d:06 root@scorpio
desktop:~ # cat .ssh/id_dsa.pub | ssh root@server cat >> ~/.ssh/authorized_keys

In this example, you create a key pair with no passphrase and distribute the public key from the computer desktop to server. The user root from desktop no longer needs to authenticate with his password, he can log in to server from desktop with the command

desktop:~ # ssh server
Welcome to server.
server:~ #