In this tutorial, you will learn, how to configure SSH Passwordless Logins between Linux servers. #centlinux #linux #ssh
Table of Contents
Problem Statement
During automation of one server backups to another server known as, offsite backup, our transfer scripts get stuck at the password prompt during the execution of the copy/transfer commands, and the script remains stuck at the password prompt and do not execute any further until a password is provided. Although, it can be overcome by saving the passwords in the scripts, but it is not a recommended practice to save your password in clear text format.
Fortunately, there is a relatively better solution to this problem. We can use the RSA public key based authentication to setup ssh passwordless logins among two or more servers.
In this article, we will configure ssh passwordless logins between a Linux and a Ubuntu server.
Recommended Online Training: Learn Bash Shell in Linux for Beginners
Read Also: How to setup SSH Keys in PuTTY
System Specification
The machine on which we want to login without password.
Hostname: | backupserver.test.local |
IP Address: | 192.168.229.128/24 |
Operating System: | Ubuntu 14.04 LTS Server |
Username: | backupadm |
The machine from which we want to login to backupserver.
Hostname: | dbserver.test.local |
IP Address: | 192.168.229.133/24 |
Operating System: | CentOS 6.5 Server |
Username: | oracle |
Configure SSH Passwordless Logins
Connect to dbserver and generates a RSA public key without any passphrase.
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Created directory '/home/oracle/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
ca:2a:87:fc:7b:98:ae:d7:95:b3:35:b3:36:89:db:b4 oracle@dbserver.test.local
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| |
| |
| S. |
| . .+ + |
| . . +o. =.= |
| + =.o oo=. |
| .B=o .oE. |
+-----------------+
Above command generates two files in the ~/.ssh directory. Transfer the generated RSA public key id_rsa.pub file to backupserver.
$ scp .ssh/id_rsa.pub backupadm@backupserver:/home/backupadm/.ssh/rsa_dbserver_oracle
The authenticity of host 'backupserver (backupserver)' can't be established.
RSA key fingerprint is a2:38:20:d9:f6:93:04:fe:e5:09:cc:5d:b5:9a:7c:4c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'backupserver' (RSA) to the list of known hosts.
backupadm@backupserver's password:
id_rsa.pub 100% 409 0.4KB/s 00:00
Now, Connect to backupserver and merge rsa_dbserver_oracle into ~/.ssh/authorized_keys.
$ ssh backupadm@backupserver $ cd .ssh $ cat rsa_dbserver_oracle >> authorized_keys
Connect to dbserver and try to connect with backupserver.
$ ssh backupadm@backupserver
Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.13.0-24-generic x86_64)
* Documentation: https://help.ubuntu.com/
System information as of Sat Apr 2 21:10:02 PKT 2016
System load: 0.02 Processes: 246
Usage of /: 3.6% of 36.54GB Users logged in: 1
Memory usage: 16% IP address for eth0:192.168.229.128
Swap usage: 0%
Graph this data and manage this system at:
https://landscape.canonical.com/
Last login: Sat Apr 2 20:26:45 2016 from dbserver
If you are new to Linux and facing difficulty in working at Linux Bash prompt. We recommend that, you should read The Linux Command Line, 2nd Edition: A Complete Introduction by William Shotts.
Conclusion
SSH Passwordless logins between Linux servers has been configured. Now our scripts do not stuck at password prompt.