SSH Passwordless Login – CentOS 7 / RHEL 7

ADVERTISEMENT

CentOS 7

SSH is a client and serer protocol, it help us to access the remote system over the network through the encrypted tunnel. Whenever the client access the server, the client downloads the secure key from the server and at the same time-server also downloads key from client. Those two keys make the encrypted tunnel between the server and client, so that data transfers very securely over the network.

SSH is widely used as the alternative of FTP, as you know any thing that uses TCP network asks password to collect data. SSH is also a TCP service, it requires password to access the remote machine. If the organization has a large number of servers, every time admin has to enter the password to access the remote system. It is a pain to enter the password multiple times, SSH comes with new feature called password less login, that helps to access the remote machine without entering the password.

ADVERTISEMENT
Article will continue after the ad

To enable the password less login, we have to put the public key entry of client host name and user detail on the remote server. That key entry will be on the following file (~/.ssh/authorized.keys) (~=Home directory of the user) according to your remote user.

Follow the steps to create the password less login. here we have two machines with two different username.

Assumptions:

Machine 1 :

Hostname: server.itzgeek.com

IP address: 192.168.12.6

Username: raj

Machine 2 :

Hostname: client.itzgeek.com

IP address: 192.168.12.8

Username: ram

Here i will be using hostname instead of ipaddress, you can replace it with real ip address’s. I have logged in as raj on server.example.com, create a pair of keys using the following command.

[raj@server ~]$ ssh-keygen

Generating public/private rsa key pair.
Enter file in which to save the key (/home/raj/.ssh/id_rsa):
Created directory ‘/home/raj/.ssh’.
Enter passphrase (empty for no passphrase):       Press Enter
Enter same passphrase again:       Press Enter
Your identification has been saved in /home/raj/.ssh/id_rsa.
Your public key has been saved in /home/raj/.ssh/id_rsa.pub.

Once you have created, you will find two files inside the .ssh directory. id_rsa and id_rsa.pub. We are going to use id_rsa.pub as a base file.

[raj@server ~]$ ll ~/.ssh/
total 8
-rw-------. 1 raj raj 1675 Nov 25 10:43 id_rsa
-rw-r--r--. 1 raj raj  404 Nov 25 10:43 id_rsa.pub

Use the ssh-copy-id command with input file of id_rsa.pub; it creates ~/.ssh/authorized.keys if not present, other wise it would appends the key. The key contains the information about the host and user name.

[raj@server ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub ram@client.itzgeek.com

The authenticity of host ‘client.itzgeek.com (192.168.12.6)’ can’t be established.
ECDSA key fingerprint is a1:cb:88:60:46:16:fd:d3:93:31:4b:5f:94:5e:78:f8.
Are you sure you want to continue connecting (yes/no)? yes Type Yes and Enter
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
ram@client.itzgeek.com’s password: Enter password of ram (client machine user)
Number of key(s) added: 1Now try logging into the machine, with:   “ssh ‘ram@client.itzgeek.com'”and check to make sure that only the key(s) you wanted were added.

Now access the remote machine using SSH. It will take you to the shell directly without asking password.

[raj@server ~]$ ssh ram@client.itzgeek.com
[ram@client ~]$

That’s All, This password less login saves the time and energy of the system admin.

ADVERTISEMENT

POSTS YOU MAY LIKE -:)

Share This Post

  • CharmaiCoppin
  • NoraQFCrkhnlirn
  • CharmaiCoppin

    Greate post. Keep writing such kind of info on your site. Im really impressed by your site.
    Hi there, You have performed a fantastic job. I will certainly digg it and individually suggest to my friends. I am confident they’ll be benefited from this web site.

  • WaldoMooney
  • Is it worth using personal blogs for link building? I was told they are
    useful but can’t tell if they still work post penguin
    Added a share on Facebook, hope thats okay

  • larkspurlazuli

    In your example, you are SSHing from the server to the client.
    Typically you would SSH from the client to the server, I would expect. It seems backward and you don’t establish in the example who is logging into who.

    • Raj

      Hi,

      Actually, if you see any larger environment. They will have a centralized server, from that, they do lots of stuffs on clients servers (For example, bulk password reset) using passwordless login.

    • Hi,

      Actually, if you see any larger environment. They will have a
      centralized server, from that, they do lots of stuffs on clients servers
      (For example, bulk password reset) using passwordless login.

  • anonymous

    Hi I performed the same steps but keep hitting on:
    /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
    Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

    • Make sure you have entered the correct credential to login on to remote machine

Shares