Set the method of SSH password free login on CentOS and RHEL
- 2020-05-30 21:43:42
As a system administrator, you plan to use OpenSSH on Linux to automate routine tasks such as file transfers, backing up database dumps to another server, and so on. To achieve this, you need to be able to automatically log in from host A to host B. Automatic login means using ssh in the shell script without having to enter any password.
This article will show you how to set up SSH password-free login on CentOS/RHEL. Once configured, you can use it to move files around using SSH (Secure Shell) and secure copy (SCP).
SSH is open source and is the most reliable network protocol for remote login. The system administrator USES it to execute commands and transfer files over the network to another computer via the SCP protocol.
By configuring SSH to log in password-free, you can enjoy the following benefits:Use scripts to automate routine tasks. Enhanced security for Linux servers. This is one of the recommended ways to protect virtual private servers (VPS) from brute force attacks. The SSH key is virtually unbreakable by brute force alone.
What is a ssh - keygen
ssh-keygen is a tool for generating, creating, and managing public and private keys for SSH authentication. Through the ssh-keygen command, users can create keys that support both the SSH1 and SSH2 protocols. ssh-keygen creates an RSA key for the SSH1 protocol, while SSH2 can be RSA or DSA.
What is ssh copy - id
ssh-copy-id is a script command that copies the local public key to the remote authorized_keys file. It also appends the identity file to the ~/.ssh /authorized_keys file on the remote machine and gives the user home directory of the remote host the appropriate permissions.
The SSH key provides a better and secure mechanism for logging into the Linux server. After running ssh-keygen, the public-private key pair is generated. You can place the public key on any server and use it to unlock it when connecting to the server from a client that holds the private key. When the two match, the system can unlock without a password.
Set up password-free access to SSH on CentOS and RHEL
The following steps were tested on CentOS 5/6/7, RHEL 5/6/7, and Oracle Linux 6/7.
Node 1:192.168.0.9 node 2:192.168.l.10
Connection and access from test node 1 to node 2:
[root@node1 ~]# ssh firstname.lastname@example.org The authenticity of host '192.168.0.10 (192.168.0.10)' can't be established. RSA key fingerprint is 6d:8f:63:9b:3b:63:e1:72:b3:06:a4:e4:f4:37:21:42. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.0.10' (RSA) to the list of known hosts. email@example.com's password: Last login: Thu Dec 10 22:04:55 2015 from 192.168.0.1 [root@node2 ~]#
Generate the public and private keys using the ssh-key-gen command, and note that you can encrypt and protect the private keys for enhanced security.
[root@node1 ~]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: b4:51:7e:1e:52:61:cd:fb:b2:98:4b:ad:a1:8b:31:6d firstname.lastname@example.org The key's randomart image is: +--[ RSA 2048]----+ | . ++ | | o o o | | o o o . | | . o + .. | | S . . | | . .. .| | o E oo.o | | = ooo. | | . o.o. | +-----------------+
Copy or upload the public key to the remote host using the ssh-copy-id command, and append the identity file to the ~/.ssh /authorized_keys of node 2:
[root@node1 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.0.10 email@example.com's password: Now try logging into the machine, with "ssh '192.168.0.10'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.
Verify password-free SSH login node 2:
[root@node1 ~]# ssh firstname.lastname@example.org Last login: Sun Dec 13 14:03:20 2015 from www.ehowstuff.local
I hope this article has been helpful in providing you with basic knowledge and a quick guide to SSH password-free login to CentOS/RHEL. Thank you for your support!