SSH Login without Password

(Secure Shell), secure protocol in Unix flavors . It establishes a secure channel between local and remote machine to terminal access and data transfer.

SCP (Secure Copy) for data transfer between source and destination machine in UNIX environment. Copying data from windows client machine to any Linux machine using sftp / Winscp can be done.

In the below steps we are allowing vhost1 (192.168.0.20) to login vhost2 (192.168.0.30) without a password.

Step 1  : Configure SSH service

Step 2 : Generate the pair of Authentication keys.

Step 3 : Verifying 

Let us see the steps in Details :

Step 1  : Configure SSH service

SSH service by default listens on port 22 (TCP). For security purpose the default port can be changed.

There is feasible to customize the SSH port number using the sshd_config file as shown below.

[root@solutionsatexperts ~]# vi /etc/ssh/sshd_config

#Port 22

Default port 22 is commented, if you want to change from 22 to any desired port number you can modify by removing the comment as indicated below.

Port 6466

Restart the SSH service changes to take effect by executing below command.

#service sshd restart

Try login using new SSH port i.e., (6466) .

Login to remote Linux machine without a password is needed to run scripts or execute the admin task using cron jobs.

Data backup, auto login. SSH login without password require to create a public and private key using ssh-keygen command , the public is copied to the destination Linux machine intending to login without password.

Step 2 : Generate the pair of Authentication keys.

In the below example we used 2 Linux machines vhost1 and vhost2. vhost1 assigned an IP address 192.168.0.20 and vhost2 assigned an IP address 192.168.0.30.

“vhost1: 192.168.0.20″
“vhost2: 192.168.0.30″

First login to “vhost1, 192.168.0.20” machine and generate the pair of authentication keys.  By default keys generated in /root/.ssh/ for root user, for normal users /home/username/.ssh/

 [root@vhost1 ~]# ssh-keygen -t rsa

[root@vhost1 ~]# ls .ssh/

Output:

917612 drwx—-–.  2 root root 4096 Oct 13 21:34 .
917505 dr-xr-x—. 23 root root 4096 Oct 13 21:34 ..
917657 -rw–—   1 root root 1675 Oct 13 21:27 id_rsa
917664 -rw-r–r–   1 root root  415 Oct 13 21:27 id_rsa.pub
917613 -rw-r–r–.  1 root root 1592 Sep 23 15:27 known_hosts

* id_rsa file stores  private key and id_rsa.pubfile stores public key.

ssh-copy-id command to copy the public key (id_rsa.pub)  to remote machines in (192.168.0.30:/root/.ssh/authorized_keys)  the authorized_keys file will be generated automatically in a remote machine.

[root@vhost1 ~]# ssh-copy-id root@192.168.0.30

The authenticity of host ’192.168.0.30 (192.168.0.30)’ can’t be established.
RSA key fingerprint is 72:42:6b:d2:60:4e:45:95:20:75:df:d9:15:5c:ff:6f.
Are you sure you want to continue connecting (yes/no)? y
root@192.168.0.30′s password:   Enter the password here

Step 3 : Verifying  

Now try logging into the vhost2 machine, with “ssh root@192.168.0.30′”, and check in:

[root@vhost1 ~]# ssh root@192.168.0.30
Last login: Sun Oct 13 22:02:05 2013 from 192.168.0.20
[root@vhost2 ~]#

Useful SSH Commands

Login

 #ssh xyz@192.168.1.x

“Login to the remote machine as xyz user, xyz user account must exist in remote Linux machine “

#ssh 192.168.1.x

“Login to the remote machine as the root user “

#ssh –p 8822 xyz@192.168.1.x

“Login to the remote machine as xyz user over non-default port, xyz user account must exist in remote Linux machine “

#ssh –p 8822 192.168.1.x

“Login to the remote machine as the root user over default port i.e., 22. 

Copying

 #scp /opt/example.tgzxyz@192.168.1.x:/home/xyz/

 copy a file ‘example.tgz as root user  from /opt/ folder to remote machine in xyz user’s home directory ‘/home/xyz’  with same file name”

#scp xyz@192.168.1.x:/home/xyz/example.tgz   /opt/

“Copy a file ‘example.tgz  from remote machine as normal user “xyz” to local machine in /opt folder.

#scp /opt/example.tgz192.168.1.x:/opt/

“copy a file ‘example.tgz to remote machine as root user”

#scp –P 8822 /opt/example.tgz xyz@192.168.1.x:/home/xyz

“Copy a file ‘example.tgz  to remote machine  as root user  over non-default port in  xyz user account home folder. “8822 is modified SSH port”

Disable root login over SSH terminal console for security reasons

Invoke sshd_config file in an editor and go to PermitRootLogin section which is by default commented , to disable the root login access uncomment and change the line as indicated below.

[root@solutionsatexperts~]# vi /etc/ssh/sshd_config

#PermitRootLogin yes

Change to 

#PermitRootLogin no  (remove the # comment)

#service sshd restart

 For more detail you can watch video and subscribe for more Videos :

Both comments and pings are currently closed.

One Response to “SSH Login without Password”

  1. Darcy says:

    Hello, just wanted to tell you, I liked thіѕ ρost.
    It was іnspiring. Keep on posting!

Copyright ©Solutions@Experts.com
Copyright © NewWpThemes Techmark Solutions - www.techmarksolutions.co.uk