1. Introduction
Octopus Computer Solutions is a leading Virtual Private Server provider in Israel. We provide Shared hosting for WordPress websites and VPS for high tech companies. When we are running rsync or just connect a lot to a remote machine running SSH you’d like to avoid entering the password each time. This is especially good for automatic scripts you write or using Ansible.
However, you shold note that the security aspect here is very dangerous. If someone will have your local client computer, then he will have access to the remote one.
You should have SSH access in the first place. You will need to enter the password to in order to setup the password-less connection.
2. Configuration
First create an identify or SSH Key on your own machine (the local/client machine)
# ssh-keygen -t dsaGenerating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
e4:83:ea:54:c5:c2:da:ca:98:60:e8:ae:4a:5a:de:da root@linux-example
The key's randomart image is:
+--[ DSA 1024]----+
| |
| . |
| . . E |
| . o |
| . . .S . |
| o.=+o. |
| .+o+oo . |
| .. +oo+ |
| .o. ++o |
+-----------------+
Now go to the location where you’ve created the new public key of your local machine.
# cd ~/.ssh
The following will push the created key onto the remote machine into it’s user_dir/.ssh/authorized_keys file. In the example we use root user.
I advice you not to use this for root user, but only for specific login users.
# cat id_dsa.pub | ssh root@12.34.56.78 'cat - >> ~/.ssh/authorized_keys'
root@12.34.56.78's password:
Notice we’ve entered the password here.
3. Verification
Verify you’re in that file.
You can see each line in the file that ends with the hostname of the client/ local machine
.Search for your client. In our example it’s linux-example.
# ssh root@12.34.56.78 cat ~/.ssh/authorized_keys
ssh-dss AAAAB3NzaC1kcuk/+R/AVgV6TEf21K9E3MzQRvFFvvzxcvImWrEt+MsAd9WJ+Yj4= root@linux-abcd
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIB8NFFvvzxcvImWrEt+MsTwrTVNx8KZwzNj067== nextdaa
ssh-dss AAAAB3NMZ1asdfasdfasdfFaSddWWqqFFvvzxcvImWrEt+Ms/xICPTjF0tgIo/49b1dffjfbr3u== root@linux-example
You should notice that this time, you weren’t asked for a password!
5. In short
# ssh-keygen -t dsa
# cd ~/.ssh
# cat id_dsa.pub | ssh remote-machine ‘cat – >> ~/.ssh/authorized_keys’ -l root
Enjoy.
