How to do a SSH authentication without password

From Wiki
Revision as of 16:31, 14 June 2011 by Mmercy (talk | contribs)
Jump to navigation Jump to search

go back to Main Page, Computational Resources, Information & Help, Chemistry & More, Linux & Unix


Introduction

Each time you want to connect to an external server you need your password... You're tired? I propose a method to avoid having to enter password.

To do this we will use the SSH key with DSA encryption ( it exist also and RSA encryption, the choice is completely arbitrary)

Principle is simple:

  • You create an encrypted SSH key for your user (user_local) on the local computer (local)
  • You send a public part of it to your user (user_server) on the distant server (for example kimik2)


Create a SSH encrypted key on the local machine

The key is composed of two file: id_dsa and id_dsa.pub.

  • id_dsa is the private key!!! DO NOT DIVULGE !!!
  • id_dsa.pub is the public key.

First, check if you have or not this key. It is located in the .ssh directory 

     /home/user_local/.ssh/

If there is already this two file, go to the last part of this tutorial, else let's create this files. It is very easy via the keygen function: 

      ssh-keygen -t dsa

The computer ask you: 

      Enter file in which to save the key (/home/user_local/.ssh/id_dsa): 
      Enter passphrase (empty for no passphrase):

I let the first empty to have the default name. Then the computer ask you for a passphrase. Of course you have to put one for your security.

If everything is OK, the 'echo' is: 

     Your identification has been saved in /home/user_local/.ssh/id_dsa.
     Your public key has been saved in /home/user_local/.ssh/id_dsa.pub.
     The key fingerprint is:
     7b:53:c3:.................:e8:6c:bb user@local
     The key's randomart image is:
     +--[ DSA 1024]----+
     |                 |
     |                 |
     |                 |
     |           .  .  |
     |        S   ++.o |
     |         . +o+++ |
     |        . +oo +=.|
     |           .E+...|
     +-----------------+

Bravo, you create an SSH encrypted key.


Installing SSH public key on the server

There are 2 methods. The first is automatic and easy (but not present in all the distributions), the second is manual and easy too. As I'm lazy, I will describe only the automatic. If that doesn't work, go on the web.

  • Automated method:

In your openssh utilities, we are using the ssh-copy-id. This command will automatically add your public key (id_dsa.pub) of the local computer in the file ~/.ssh/authorized_keys on the distant server. In your local computer, type the command: 

     ssh-copy-id user_server@server

After entering your password and your passphrase for the last time, the public key is copied to the user account "user_server" server.


try and feel free to modify this tutorial

http://en.wikipedia.org/wiki/Ssh-keygen

http://linux.die.net/man/1/ssh-copy-id

Retrieved from "http://usrc.iciq.cat/wiki/index.php?title=How_to_do_a_SSH_authentication_without_password&oldid=4791"