First you need to enable key based authentication in the server. For that edit the file /etc/sshd/sshd_config in the server and uncomment the following entries:
=======
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
=======
restart ssh service
/etc/init.d/sshd restart
Now in your client machine create ssh key pair using the following commands
1. ssh-keygen -t rsa
just press enter when prompted for a pass phrase, as we do not need to enter passcodes during key based authentication.
This will provide you a key pair and the default location will be:
if you are root user in client machine:
/root/.ssh/id_rsa
/root/.ssh/id_rsa.pub
if you are a user in client machine:
/home/user/.ssh/id_rsa
/home/user/.ssh/id_rsa.pub
2. Assign proper permission to id_rsa file.
chmod 600 /root/.ssh/id_rsa
or
chmod 600 /home/user/.ssh/id_rsa.pub
3. you now need to paste the contents of id_rsa.pub to the /root/.ssh/authorized_keys file in the server if you need to login as root to the server or .ssh/authorized_keys file inside the user's home directory in server(generally /home/user/ ) if you need to login as user. (most probably if it is inside a user's home dir, you would be needing to create the .ssh folder and inside that the specified file. For root, .ssh folder will be there by default).
thats it! you can now login to the server by simply issuing the following command and without a password
ssh root@serverip
Note: In some cases, you would need to add the private key into ssh-agent after generating it. For that issue the foll command in your local machine after generating key pair.
ssh-add .ssh/id_rsa
.ssh/id_rsa is the private key path and may vary according to the way you saved them.
If you experience an error when issuing the above command, it can be rectified by issuing the following command:
eval `ssh-agent`
and then
ssh-add .ssh/id_rsa
0 comments:
Post a Comment