I would like to start up an application server that resides on another linux machine in another network, so SSH is required. How can I do it? Something like this?:
ssh user#host password /home/user/server/bin/run.sh
?
You can generate a ssh public/private key pair using ssh-keygen command, and then append your public key to .ssh/authorized_keys file of target host, then you can omit the 'password' part above.
ssh-keygen -t rsa
scp .ssh/id_rsa.pub user#host:.ssh/authorized_keys
ssh user#host
chmod og-rw .ssh/authorized_keys
chmod a-x .ssh/authorized_keys
chmod 700 .ssh
Related
When first enter a sudo ssh localhost we always get a note like:
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:u0q6ow7gfu4IvqfGOytZB6MKjO479AUr9hulSqO/dy4.
Are you sure you want to continue connecting (yes/no/[fingerprint])?
And I want to skip this step.
I have try follow(with sshpass):
ssh-keygen -t rsa -P '' -f ~/.ssh/deploy_rsa<<<y
cat ~/.ssh/deploy_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
sudo ssh-keyscan localhost>>~/.ssh/known_hosts
Well it seems just works in ssh localhost, but not in sudo ssh localhost.
So is there any reliable way to access my goal?
ssh -o StrictHostKeyChecking=no localhost
Or for something more permanent, create or modify your ~/.ssh/config with this:
Host localhost
StrictHostKeyChecking no
Also you should know that this process opens you up to MITM attacks (not on localhost obviously) and shouldn't be done on any important server.
I want to copy big files from one linux server(SLES11) to another(SunOS) via bash scripting. I dont want to have a password promt so I used ssh-keygen to generate key about this connection.These are the steps I followed:
ssh-keygen -t rsa -b 2048
ssh-copy-id -i /home/username/.ssh/id_rsa.pub swtrans#111.111.111.111
ssh -i id_rsa.pub swtrans#111.111.111.111
After this scp command still requests password.
I am not 'root' user in both servers.
I changed permissions to 700 to the .ssh directory and 640 to the file authorized_keys in the remote server.
ssh -i id_rsa.pub swtrans#111.111.111.111
The -i argument accepts the private key, not the public one. You should use
ssh -i id_rsa swtrans#111.111.111.111
If it will not help, please provide the errors you can see in the server log and in the client
On Ubuntu machines I just add this line in ~/.ssh/authorized_keys
ssh-rsa XXXsdfsdfqw3eqwesdsdfasdfasdfadfrsdfsdfsdf=
I did the same on Raspberry PI running Raspbian Wheezy. But when I try to do password-less login using my private key in Putty, I get the following error:
Using username "pi".
Server refused our key
pi#192.168.0.5's password:
How do I get it to work with my existing key?
There is fastest and effective way to copy your public key to a remote machine's is with ssh-copy-id
ssh-copy-id pi#192.168.0.5
If you edit authorized_keys by hand ensure that authorized_keys and .ssh folder has the correct permissions :
chown -Rv -- pi:pi ~/.ssh/
chmod 700 ~/.ssh/
chmod 600 ~/.ssh/authorized_keys
It was permission related issue.
Did
sudo chown pi:pi .ssh
and
sudo chown pi:pi .ssh/autherized_keys
See https://www.raspberrypi.org/forums/viewtopic.php?t=79932&p=568968
I've set a passwordless connection through ssh using SSH key pair.
So if I run the command:
ssh -i /root/.ssh/root_master master#ip
I'm able to connect to master#ip without typing the pwd.
However I would like to connect without typing
-i /root/.ssh/root_master
but just typing
ssh master#ip
Can anyone help me?
localHost $ ssh remotePassword#remoteHostname
If you want to connect to remote server just by typing above command; you must create ssh trust between your local host and remote host.
Step 1: Create ssh setup on both the host. ( usually, .ssh directory is present at ~ directory )
Step 2: Generate RSA key pair on both the hosts. To generate RSA key pair
cd ~; mkdir -p .ssh; cd .ssh
ssh-keygen -t rsa -f "id_rsa" -N "\" -P "\"; chmod 400 id_rsa
touch authorized_keys; touch known_hosts
Step 3: Write id_rsa.pub file of local host to authorized_keys file of remote host and vice-versa (in case, you want to build both sides trust)
Step 4: Also make entry into known_hosts file or it will automatically create when you will connect for the first time.
This way you can create ssh trust between host and so make them passwordless.
Another way to do this is to usee new ssh module of perl.
How to append authorized_keys on the remote server with id_rsa.pub key from the local machine with a single command?
ssh-copy-id user#remote_server
http://linux.die.net/man/1/ssh-copy-id
Adding an authorized key could be one-lined this way (use double-quotes so it's interpreted before sent):
ssh user#server "echo \"`cat ~/.ssh/id_rsa.pub`\" >> .ssh/authorized_keys"
This does the trick:
cat ~/.ssh/id_rsa.pub | (ssh user#host "cat >> ~/.ssh/authorized_keys")
Appends the local public key the remote authorized_keys file.
The ssh-copy-id program is the standard way but the key can be appended manually to the ~/.ssh/authorized_keys file:
cat ~/.ssh/id_rsa.pub | ssh username#host "mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys"
This does not check if the key already exists and can lead to duplicates.
The most convenient option is the ssh-copy-id command. It can append the public key to ~/.ssh/authorized_keys. For example:
ssh-copy-id -f -i id_rsa.pub username#host
Where:
-f: force mode -- copy keys without trying to check if they are already installed
-i: [identity_file]
You can avoid some of the quoting with:
ssh user#host tee -a .ssh/authorized_keys < ~/.ssh/id_rsa.pub