I am currently developing some work in clients and servers application and my college allows us to use their machines (linux) to host and test the apps.
My problem is that every single time I want to ssh into the machine the server prompts me to insert the password. I managed to use the information here to use a key in order to login but it still asks me for my password into the machine.
Using Putty I can save my password and login straight, is there anyway to do this using this command:
ssh -t (myUser#theSSHLink) -p 22
via Git Bash?
try:
USERHOST="myUser#theSSHLink"
cd ${HOME}
if [ ! -f ".ssh/id_rsa" ]; then
ssh-keygen -t rsa
fi
ssh $USERHOST mkdir -p .ssh
cat .ssh/id_rsa.pub | ssh $USERHOST 'cat >> .ssh/authorized_keys'
Running the above will ask for your password (from the user#host) twice. Afterwards, it shouldn't ask for a password when you try to ssh.
Related
To establish an SSH connection between my PC (Linux) and server (Linux) I have to enter the password of the user.
ssh USER#<IP-Address>
Now I want to replace the password with FIDO2. For this I have executed the following commands on my PC and followed the instructions.
ssh-keygen -t ed25519-sk -O resident -O application=ssh:YourTextHere -f ~/.ssh/id_mykey_sk`
and
ssh-copy-id -i ~/.ssh/id_mykey_sk.pub USER#<IP-Address>
Now I have the problem when I try to establish the SSH connection it still asks for the password instead of the FIDO2 stick. What could be the reason for this?
I found out, that when I run the commands
eval `ssh-agent -s`
and
ssh-add -K
it works as expected.
Establish a connection to my server via
ssh USER#<IP-Address>
will now work with the FIDO2 key.
I'm using ansible in the following way:
ansible-playbook -f 1 my-play-book.yaml --ask-pass --ask-sudo-pass
After this I'm asked to enter the ssh & sudo passwords (same password for both).
Inside my playbook file I'm using synchronize task:
synchronize: mode=push src=rel/path/myfolder/ dest=/abs/path/myfolder/
For each host, I'm prompted to enter the ssh password of the remote host (the same that I entered in the beginning of the playbook run)
How can I avoid entering the password when executing synchronize task?
If you have setup the ssh keys correctly on the <host>, then the following should work.
ansible all -m synchronize -a "mode=push src=rel/path/myfolder/ dest=/abs/path/myfolder/" -i <host>, -vvv
I was able to get the above working without any password prompt.
I want to sync a directory /var/sites/example.net/ from a remote machine to a directory at the same path on my local machine.
The remote machine only authenticates SSH connections with keys, not passwords.
On my local machine I have an alias set up in ~/.ssh/config so that I can easily run ssh myserver to get in.
I'm trying rsync -a myserver:/var/sites/example.net/ /var/sites/example.net/ but it fails because my local user does not have permission to edit the local directory /var/sites/example.net/.
If I try sudo rsync -a myserver:/var/sites/example.net/ /var/sites/example.net/ (just adding sudo), I can fix the local permission issue, but then I encounter a different issue -- my local root user does not see the proper ssh key or ssh alias.
Is there a way I can accomplish this file sync by modifying this rsync command? I'd like to avoid changing anything else (e.g. no changes to file perms or ssh setup)
Try this:
sudo rsync -e "sudo -u localuser ssh" -a myserver:/var/sites/example.net/ /var/sites/example.net/
This runs rsync as root, but the -e flag causes rsync to run ssh as your local user (using sudo -u localuser), so the ssh command has access to the necessary credentials. Rsync itself is still running as root, so it has the necessary filesystem permissions.
Just improving on top of larsks's response:
sudo rsync -e "sudo -u $USER ssh" ...
So in your case change rsync -a myserver:/var/sites/example.net/ /var/sites/example.net/ to sudo rsync -e "sudo -u $USER ssh" -a myserver:/var/sites/example.net/ /var/sites/example.net/.
With regards to #larsks' answer, If you have your key loaded into the ssh agent, which is my use case, you can instead do:
sudo rsync -e "env SSH_AUTH_SOCK=$SSH_AUTH_SOCK ssh" /source/path /destination/path
Instead of the double sudo.
My use case, if anyone is interested in replicating, is that I'm SSHing to a non-root sudo-er account on remote A, and need to rsync root-owned files between remote A and remote B. Authentication to both remotes is done using keys I have on my real local machine and I use -A to forward the ssh-agent authentication socket to remote A.
Guss's answer works well if you want to use sudo rsync for local file permissions but want to utilise your user's SSH session. However, it falls short when you also want to use your SSH config file.
You can follow Wernight's approach by using sudo to switch the user for the SSH connection and supplying a path to the config file, but this won't work if you have to enter a passphrase. So, you can combine both approaches by making use of the --preserve-env flag:
sudo --preserve-env=SSH_AUTH_SOCK rsync -e "sudo --preserve-env=SSH_AUTH_SOCK -u $USER ssh" hostname:/source/path /destination/path
Note that it's necessary to cascade this flag through both sudo commands so it does look a bit messy!
As requested by Derek above:
when sudo asks for a password then you need to modify the sudoers config with sudo visudo and add a entry with NOPASSWD: in front of the rsync command.
For details you could consult man sudoers.
this will work in every mode, even via cron, at, systemd.service+timer, etc.
test it with: ssh <user>#<your-server> "sudo <your-rsync-command>"
From my laptop, I often ssh into another machine in my university department. I have to put in a password every time currently.
Could someone give me an idiot's guide to having the password be automatically entered each time I log in please.
Thank you in advance.
You can override by enabling Password less authentication. But you should install keys (pub, priv) before going for that.
Execute the following commands at local server.
Local $> ssh-keygen -t rsa
Press ENTER for all options prompetd. No values need to be typed.
Local $> cd .ssh
Local $> scp .ssh/id_rsa.pub user#targetmachine:
Prompts for pwd$> ENTERPASSWORD
Connect to remote server using the following command
Local $> ssh user#targetmachine
Prompts for pwd$> ENTERPASSWORD
Execute the following commands at remote server
Remote $> mkdir .ssh
Remote $> chmod 700 .ssh
Remote $> cat id_rsa.pub >> .ssh/authorized_keys
Remote $> chmod 600 .ssh/authorized_keys
Remote $> exit
Execute the following command at local server to test password-less authentication.
It should be connected without password.
$> ssh user#targetmachine
I assume you are using Linux. Lot of places in the internet where it is already documented.
For example(s):
http://www.rebol.com/docs/ssh-auto-login.html
http://www.linuxproblem.org/art_9.html
You can log in without providing password if PKI (public key infrastructure) is set up.
Otherwise you'll have to look for ssh client that can store passwords and supports your operating system.
Use a tool (such as AutoHotkey, assuming you are using Windows) to record and replay key sequences: http://www.autohotkey.com/
Im trying to setup the passwordless SSh Login like the one stated here
I was able to generate the SSH Key Successfully
ssh-keygen
But when I'm doing this
cat ~/.ssh/id_dsa.pub | ssh user#xxx.xxx.xxx.xxx 'cat >>
~/.ssh/authorized_keys'
it gave me this error
Pseudo-terminal will not be allocated because stdin is not a terminal
ssh : xxx.xxx.xxx.xxxcat >> ~/.ssh/id_rsa.pub | ssh
user#xxx.xxx.xxx.xxx 'cat >>> ~/.ssh/authorized_keys'
I tried to setup passwordless SSH without getting this kind of error but its not working because it is still asking for password. And according to the author of this article, SSH-copy-id has 3 issues which most probably the reason why It still asking for password.
Any ideas?
Note: machines are running on CentOS
Try:
cat ~/.ssh/id_dsa.pub | ssh -t -t user#xxx.xxx.xxx.xxx 'cat >> ~/.ssh/authorized_keys'
-t -t option to force pseudo-tty allocation even if stdin isn't a terminal.