SSH No Password across multiple machines

Dawn Rossi, 10-10-2007
If you're like me, you always have several SSH terminals open and you often need to connect from one machine to another.

Some of my scripts also run remote procedures across SSH and I hate to have to type the password every time.

Luckily, there's an easy way to configure SSH so that when a client machine connects to a host machine over SSH, RSA will be used to authenticate the handshake and no command-line password will be required.

Took me a while to figure out how to get this done.

Here's the recipe -

Step 1: On your host machine (the one you will be connecting to), fire up your favorite editor (vi rocks) and edit /etc/ssh/sshd_config

We're going to allow root logins and turn on RSA public key authentication:

PermitRootLogin yes
#PermitRootLogin without-password
#StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

Step 2: Log in to your client machine (the one you will be connecting from) as root. Then run ssh-installkeys. It's a Python script that does all the dirty work for you.

It generates a local key and updates the server.

Step 3: You're done. Try ssh root@REMOTEMACHINE.COM
Works every time.

Here's a link to download the Python ssh-installkeys

TheWebmaster, 10-11-2007
Aren't you afraid of allowing root login? I mean I know you only give access to a particular set of IPs but...

For my part, I get so many brute force attacks on port 22 that I just enable SSHD whenever I need it and I disable it when done.

Hell, there's even one of my providers that blocked port 22 for my server (without my consent) because it got too many attacks. I got locked out and they didn't offer 24/7 support!

Dawn Rossi, 10-11-2007
Afraid? Me? Never!

:-)

Seriously though - SSH RSA uses PGP encryption and unless someone gets a hold of your private key, it is virtually unbreakable IMHO.

If your host is blocking ports on you without your consent, it may be time to look for another cheap web hosting provider.

Alessandra Grieco, 10-29-2007
How to RSync across multiple machines without specifying a password:

Step 1:

As the user you are going to be running rsync as, and on the machine you will be running rsync on, type: ssh-keygen -t rsa

Follow the prompts and use the defaults for the filenames it gives you. Don't enter in a passphrase, otherwise you will still be prompted for a password when trying to connect.

You should then have two new files in ~/.ssh, id_rsa and id_rsa.pub.

Step 2:

Open ~/.ssh/id_rsa.pub and copy the line in it to the ~/.ssh/authorized_keys file on the host you will be connecting to as the user you will be logging in as.

Step 3:

Now try it out. Try ssh'ing from the host you created the id_rsa* files on to the one you added a line to the authorized_keys file. You won't be prompted for a password any more.
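
A check for the Step 1 configuration in the first post, as an added example that is not part of the original thread or of ssh-installkeys: it reads the first uncommented value of each keyword, which is the one sshd applies, and flags "PermitRootLogin yes" while password logins remain enabled, the combination that leaves root exposed to the port 22 brute-force attempts mentioned in the replies. The function names and sample files are hypothetical, and Match blocks and Include files are not handled.

```shell
# Added example: audit the sshd_config keywords from Step 1 of the first post.
# sshd applies the first occurrence of a keyword and ignores "#" lines.
# Assumption: parsing stops at the first Match block; Include is not followed.

# effective_value FILE KEYWORD -> lowercased value, or "unset" if absent
effective_value() {
    awk -F'[ \t=]+' -v key="$2" '
        { sub(/^[ \t]+/, "") }                  # drop leading whitespace
        /^#/ || NF == 0 { next }                # skip comments and blank lines
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# audit_sshd_config FILE -> prints findings, returns how many there were
audit_sshd_config() {
    findings=0
    root=$(effective_value "$1" PermitRootLogin)
    pubkey=$(effective_value "$1" PubkeyAuthentication)
    strict=$(effective_value "$1" StrictModes)
    pass=$(effective_value "$1" PasswordAuthentication)
    # Password logins stay enabled unless PasswordAuthentication is "no".
    if [ "$root" = yes ] && [ "$pass" != no ]; then
        echo "WARN: root can still log in with a password; installing a key does not change that"
        findings=$((findings + 1))
    fi
    if [ "$pubkey" = no ]; then
        echo "WARN: PubkeyAuthentication no; keys in authorized_keys are ignored"
        findings=$((findings + 1))
    fi
    if [ "$strict" = no ]; then
        echo "WARN: StrictModes no; modes on the home directory and ~/.ssh are not checked"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample inputs: Step 1 as posted, and the same settings with the
# commented-out "without-password" line used instead (root limited to keys).
as_posted=$(mktemp) key_only=$(mktemp)
trap 'rm -f "$as_posted" "$key_only"' EXIT
printf '%s\n' 'PermitRootLogin yes' '#PermitRootLogin without-password' \
    '#StrictModes yes' '' 'RSAAuthentication yes' 'PubkeyAuthentication yes' \
    '#AuthorizedKeysFile .ssh/authorized_keys' > "$as_posted"
printf '%s\n' 'PermitRootLogin without-password' 'PubkeyAuthentication yes' > "$key_only"

audit_sshd_config "$as_posted" || echo "as posted: $? finding(s)"
audit_sshd_config "$key_only" && echo "key-only variant: no findings"
```

Current OpenSSH releases accept without-password as a deprecated alias of prohibit-password.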