Showing posts with label ssh login without password. Show all posts
Showing posts with label ssh login without password. Show all posts

Friday, June 14, 2013

Linux server authentication without password

Log into Linux server without password :
ssh login without password :

If you log into Linux server frequently using ssh and every time it asks for password. Now you have been sick to type server's password every time, read ahead.

This process is easy as well as secure. It does not leave any loop hole in your security.

Just follow these steps to get rid of typing password.

1. Open your .ssh directory inside your home directory.
2. There should be a pub file inside it, either it is id_dsa.pub or id_rsa.pub according to your key type. If you do not have keys in the directory, generate them. Read this.
3. Now open your server's ssh directory and save your public file ( id_dsa.pub or id_rsa.pub )as filename authorized_keys inside ssh directory of server.
4. If there is already a file authorized_keys inside server's ssh directory, just copy your public file content and paste in the file authorized_keys at last.
5. Now save the file.

Bottom line is client's public file content should be saved as authorized_keys file in the server.

To do this process using command line :
There can be multiple test cases that's why I wrote the process in steps.
1. Client is a user and server is a user or client is a root and server is a user or client is a user and server is a root or client is a root and server is a root.
2. If client is a user, the path of public file is /home/username/.ssh/id_dsa.pub or /home/username/.ssh/id_rsa.pub
If client is a root, the path of public file is /root/.ssh/id_dsa.pub or /root/.ssh/id_rsa.pub
3.  If server is a user, the path of authorized_keys is /home/username/.ssh or /home/username/.ssh
If server is a root, the path of authorized_keys is /root/.ssh or /root/.ssh
4. The authorized_keys file can exist already inside .ssh directory, if you replace it with your's authorized_keys, another user who is using this non-password process will lose the facility that's why you should add your public file content inside existing authorized_keys file without removing anything.

I am giving some examples of test cases and you will understand how to do this.
Case : 1
Suppose you are user and trying to log into server as a root. There is no authorized_keys file inside .ssh directory of server. You have id_dsa.pub file in your .ssh directory.
Just run following command.
# scp /home/user/.ssh/id_dsa.pub 192.168.xx.xx:/root/.ssh/authorized_keys
Case : 2
Suppose you are user and trying to log into server as a root. There is an existing authorized_keys file inside .ssh directory of server. You have id_dsa.pub file in your .ssh directory.
Just run following command.
# scp /home/username/.ssh/id_dsa.pub 192.168.xx.xx:/root/.ssh/ak && ssh 192.168.xx.xx "cat /root/.ssh/ak >> /root/.ssh/authorized_keys"
where
192.168.xx.xx : IP of the server
id_dsa.pub : public key file on client's system

Permissions for .ssh directory and authorized_keys file
The permission for directory .ssh should be 700. It means drwxr_xr_x
# chmod 700 ~/.ssh
The permission for file authorized_keys should be 600. 
It means -rw_____
# chmod 600 ~/.ssh/authorized_keys

NOTE :
You need either RSA or DSA key. You do not need to generate both.