Ssh without password

From HPCwiki
Revision as of 14:58, 19 March 2019 by Dawes001 (talk | contribs)
Jump to navigation Jump to search

Secure shell (ssh) protocols can be configure to work without protocols. This is particularly helpful for machines that are used often.

Configuring ssh without password from a POSIX-compliant terminal

Step 1: create a public key and copy to remote computer

  • Log into a local Linux or MacOSX computer
  • Type the following to generate the ssh key:

<source lang='bash'> ssh-keygen -t dsa </source>

  • Accept the default key location by pressing Enter.
  • Secure permission of your authentication keys by closing permission to your home directory, .ssh directory, and authentication files

<source lang='bash'> chmod go-w $HOME chmod 700 $HOME/.ssh chmod go-rwx $HOME/.ssh/* </source>

  • Type the following to copy the key to the remote server (this will prompt for a password).

<source lang='bash'> cd ~/.ssh scp id_dsa.pub remote_username@remote_host:/tmp </source>

  • Type the following to add the ssh key to the remote user's authorization keys (this will prompt for a password).

ssh remote_username@remote_host 'cat /tmp/id_dsa.pub >>/home/

Step 2: configure the public key from the local computer on the remote computer

  • log in to the remote computer using ssh (this will prompt for a password)

<source lang='bash'> ssh remote_username@remote_host </source>

  • copy the public key generated on the local computer, that was copied to /tmp on the remote computer, is now appended to .ssh/authorized_keys2. Note that a file called .ssh/authorized_keys may already be present.

<source lang='bash'> cat /tmp/id_dsa.pub >>$HOME/.ssh/authorized_keys2 </source>

  • similar to your local computer, make sure the permission on your remote home folder, .ssh folder, and authentication files are properly set (NOTE: this may already be the case).

<source lang='bash'> chmod go-w $HOME chmod 700 $HOME/.ssh chmod go-rwx $HOME/.ssh/* </source>

  • Lastly, remove the public key from the temporary folder.

<source lang='bash'> rm /tmp/id_dsa.pub </source>

  • If you log out of the remote computer and back in again, from the local computer from which you copied the public key, you will notice you will no longer be prompted for a password.

Configuring ssh without password for Anunna

  • Create a public key as in Step 1 of the previous section and copy it to Anunna. Note that a public/private key pair needs to be made only once per machine.
  • Similar to step 2 of the previous section, add the public key to the $HOME/.ssh/authorized_keys2 file. There is already a $HOME/.ssh/authorized_keys present. You may append the key to this file as an alternative, but take care not to remove content that is already there. The cluster is configured so that passwordless communication will all other nodes is default.

Configuring ssh without password using PuTTY

Use pAGEaNT: http://the.earth.li/~sgtatham/putty/0.58/htmldoc/Chapter9.html to generate local keys. You'll want have a copy of the pubkey in plaintext available.

Make sure to paste that plaintext string into ~/.ssh/authorized_keys in one single line. Chmod the file 600 (so it shows -rw------- in ls -l)

Now PuTTY will login passwordlessly whenever pAGEaNT is running.

Finally, get pAGEaNT to load on startup: http://blog.shvetsov.com/2010/03/making-pageant-automatically-load-keys.html

See also

External Links

Retrieved from "https://wiki.anunna.wur.nl/index.php?title=Ssh_without_password&oldid=1992"