SuSE Automation: SSH login without password

A fast and easy recipe!

Tired of using passwords to connect to all those systems!



Here's a way to make your logins as effortless as possible in a few quick steps. I will assume you want to connect as 'user1' on SERVER-A over to SERVER-B as 'user2'.

  1. First, login onto SERVER-A as 'user1'. Now, create some keys.
  2. > ssh-keygen -t rsa ( Press enter at all prompts - [but you should really use a passphrase, prevents use in case of theft] )

  3. Then, connect to SERVER-B as 'user2 and create an .ssh directory, log out afterwords.
  4. > mkdir -p .ssh

  5. Back on SERVER-A, transfer a copy of your public key to SERVER-B
  6. cat .ssh/id_rsa.pub | ssh user2@SERVER-B 'cat >> .ssh/authorized_keys'

  7. Finally, test your handiwork from SERVER-A.
  8. > ssh user2@SERVER-B ( you should not be prompted for a password! )

  9. You can also substitute 'ssh-copy-id' for the 'cat's. (But it is good to know what it is really doing for you what you would had to manually do!)

Troubleshooting

If you are having problems getting key authentication to work, here are some troubleshooting steps to check:

  1. Check that you have the following lines configured in the /etc/ssh/sshd_config file on your server:
    RSAAuthentication yes
    PubkeyAuthentication yes

  2. Check that you have the following permissions on your home directory:
    - Only your user has write/execute permissions on your home directory (chmod 700 ~)
    - Only your user has write/execute permissions on your ssh configuration directory (chmod 700 ~/.ssh)
    - Only your user has write permissions on your ssh authorized keys file (chmod 600 ~/.ssh/authorized_keys)

  3. Check that your ~/.ssh/authorized_keys file contains one public key per line, each beginning with ssh-rsa or ssh-dsa


  4. Check that your public keys in ~/.ssh/authorized_keys have not been disected when wrapped over multiple lines (from a cut-n-paste)


  5. You should also check the log files for any error messages that sshd might be giving.

If you do not see anything relevant in the logs, you can try increasing the logging verbosity of sshd by setting LogLevel DEBUG3 in your /etc/ssh/sshd_config and restarting the ssh daemon.


Peace be unto you. Thank you for visiting!