Learn how to configure SSH passwordless logins between Linux servers for seamless and secure remote access. Step-by-step instructions for setup. #centlinux #linux #ssh
Table of Contents
Problem Statement
During automation of one server backups to another server known as, offsite backup, our transfer scripts get stuck at the password prompt during the execution of the copy/transfer commands, and the script remains stuck at the password prompt and do not execute any further until a password is provided. Although, it can be overcome by saving the passwords in the scripts, but it is not a recommended practice to save your password in clear text format.
Fortunately, there is a relatively better solution to this problem. We can use the RSA public key based authentication to setup ssh passwordless logins among two or more servers.
In this article, we will configure ssh passwordless logins between a Linux and a Ubuntu server.
Read Also: How to setup SSH Keys in PuTTY
System Specification
The machine on which we want to login without password.
| Hostname: | backupserver.test.local |
| IP Address: | 192.168.229.128/24 |
| Operating System: | Ubuntu 14.04 LTS Server |
| Username: | backupadm |
The machine from which we want to login to backupserver.
| Hostname: | dbserver.test.local |
| IP Address: | 192.168.229.133/24 |
| Operating System: | CentOS 6.5 Server |
| Username: | oracle |
Recommended Training: “Secure Shell (SSH) essentials: a hands-on guide” from Ahmed Elfakharany.
Configure SSH Passwordless Logins
Connect to dbserver and generates a RSA public key without any passphrase.
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Created directory '/home/oracle/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
ca:2a:87:fc:7b:98:ae:d7:95:b3:35:b3:36:89:db:b4 oracle@dbserver.test.local
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| |
| |
| S. |
| . .+ + |
| . . +o. =.= |
| + =.o oo=. |
| .B=o .oE. |
+-----------------+
Above command generates two files in the ~/.ssh directory. Transfer the generated RSA public key id_rsa.pub file to backupserver.
$ scp .ssh/id_rsa.pub backupadm@backupserver:/home/backupadm/.ssh/rsa_dbserver_oracle
The authenticity of host 'backupserver (backupserver)' can't be established.
RSA key fingerprint is a2:38:20:d9:f6:93:04:fe:e5:09:cc:5d:b5:9a:7c:4c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'backupserver' (RSA) to the list of known hosts.
backupadm@backupserver's password:
id_rsa.pub 100% 409 0.4KB/s 00:00
Now, Connect to backupserver and merge rsa_dbserver_oracle into ~/.ssh/authorized_keys.
$ ssh backupadm@backupserver $ cd .ssh $ cat rsa_dbserver_oracle >> authorized_keys
Connect to dbserver and try to connect with backupserver.
$ ssh backupadm@backupserver
Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.13.0-24-generic x86_64)
* Documentation: https://help.ubuntu.com/
System information as of Sat Apr 2 21:10:02 PKT 2016
System load: 0.02 Processes: 246
Usage of /: 3.6% of 36.54GB Users logged in: 1
Memory usage: 16% IP address for eth0:192.168.229.128
Swap usage: 0%
Graph this data and manage this system at:
https://landscape.canonical.com/
Last login: Sat Apr 2 20:26:45 2016 from dbserver
Conclusion
In conclusion, configuring SSH passwordless logins between Linux servers enhances security and streamlines remote access. By setting up SSH key pairs and configuring the necessary permissions, you eliminate the need for password entry, making system administration more efficient. This setup not only improves convenience but also strengthens security by reducing the risk of brute-force attacks.