Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers. It connects, via a secure channel over an insecure network, a server and a client running SSH server and SSH client programs, respectively
But we connect a system via SSH it will ask for password each time when we try to connect it. When we are running a script which need to connect a server via SSH port it will ask for password but we can enter it so to avoid this we are creating as pass-wordless login between the servers which helps to runs the script without any issue.
Create Authentication SSH-Kegen Keys on current machine
While we creating Authentication SSH_Keygen it will ask for path to store the file and pass phrase password the login. Don't enter any password in pass phrase just hit enter.
[root@linuxstorages ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): [Hit Enter]
Enter passphrase (empty for no passphrase): [Hit Enter]
Enter same passphrase again: [Hit Enter]
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
36:47:58:f2:03:ab:be:71:bd:99:c5:3f:87:56:13:27 root@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
| o . |
| B |
| o + |
| . . . E..|
| . S . .o|
| . . + . ..|
| o . . o o.|
| + = .+ .|
| . + ..o |
+-----------------+
By default it will go for RSA 2048 bit encryption if you feel need more strong encryption then can go for RSA 4096 bit encryption.
[root@linuxstorages ~]$ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): [Hit Enter]
Enter passphrase (empty for no passphrase): [Hit Enter]
Enter same passphrase again: [Hit Enter]
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
6c:c6:ac:12:5d:db:bb:88:12:ab:bf:a7:8e:e4:76:eb root@localhost.localdomain
The key's randomart image is:
+--[ RSA 4096]----+
| |
| |
| . |
| . = o |
| . . S . |
| .. + . |
| . .o. . |
| o..+... . . |
| .+*E*. . . |
+-----------------+
Move the public key to remote machine to make connection between machine.
[root@linuxstorages ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.1.200
The authenticity of host '192.168.1.200 (192.168.1.200' can't be established.
RSA key fingerprint is 59:0a:a0:7f:e2:cc:00:b8:19:fa:4e:4b:0c:72:5a:c0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.200' (RSA) to the list of known hosts.
root@192.168.1.200's password:
Now try logging into the machine, with "ssh 'root@192.168.1.200'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
You have new mail in /var/spool/mail/root
Login to remote host machine without password now and further.
[root@linuxstorages ~]$ ssh root@192.168.1.200
Last login: Sat Aug 23 15:09:48 2014 from 192.168.1.100
Check the machine ip address after login
[root@linuxstorages_1 ~]$ ifconfig
eth1 Link encap:Ethernet HWaddr 38:60:77:9B:FA:16
inet addr:192.168.1.200 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::3a60:77ff:fe9b:fa16/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4331151 errors:5 dropped:0 overruns:0 frame:3
TX packets:2907478 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:433288023 (413.2 MiB) TX bytes:661916311 (631.2 MiB)
Interrupt:20 Memory:fe400000-fe420000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:538498 errors:0 dropped:0 overruns:0 frame:0
TX packets:538498 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:67721587 (64.5 MiB) TX bytes:67721587 (64.5 MiB)
