Jun 15, 2008

HOWTO: Passwordless logins between servers

Author: gaweee | Filed under: development, howto
Before I get into this HOWTO, it's worth noting that passwordless logins can be really dangerous when applied at an organizational level. Some organizations have no operating procedures in place to remove inactive employee accounts, much less to check for SSH authorized keys. That being said, I've found this technique tremendously useful for setting up backup relations between one or more servers.
So if you've properly weighed your pros and cons, here we go…
Step 1 – Generate your RSA/DSA keypair

gaweee@wits:~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/gaweee/.ssh/id_rsa): [enter]
Enter passphrase (empty for no passphrase): [enter]
Enter same passphrase again: [enter]
Your identification has been saved in /home/gaweee/.ssh/id_rsa.
Your public key has been saved in /home/gaweee/.ssh/id_rsa.pub.
The key fingerprint is:
2c:1f:fb:f0:ae:2b:88:99:60:ee:eb:a5:83:3c:3c:c4 gaweee@wits

Why? Distributing the public key is what lets you log into the remote server without having to key in your password.
The two files created, /home/gaweee/.ssh/id_rsa and /home/gaweee/.ssh/id_rsa.pub, are your private and public keys respectively. Keep your private key to yourself ONLY. Because it was generated with an empty passphrase, anyone who obtains that file can log in as you wherever the public key is installed.

Step 2 – Distribute the public key to target servers

gaweee@wits:~$ scp .ssh/id_rsa.pub somenewserver:.ssh/authorized_keys
gaweee@somenewserver password: [password]

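This uses scp to copy the public key to the new server as its authorized_keys file. Note that it replaces any authorized_keys file already there, so on a server that already has keys installed, append the key to the file instead.
Voilà! And you're done!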
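
For the check the opening paragraph says many organizations skip, here is an added example (not part of the original post) that lists every key in an authorized_keys file and flags entries with no from= or command= restriction. The function names and sample entries are made up for illustration, and the key blobs are placeholders.

```shell
#!/bin/sh
# Added example: report every key in an authorized_keys file and whether it
# carries a from= or command= restriction. Reads a file, or stdin if none given.
audit_authorized_keys() {
    awk '
    function is_keytype(t) {
        return t ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-|sk-(ssh|ecdsa)-)/
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
    {
        line = $0; sub(/^[ \t]+/, "", line)
        bare = ""
        split(line, tok, /[ \t]+/)
        if (!is_keytype(tok[1])) {
            # First field is an options list. Blanks are allowed inside
            # double quotes, so scan for the first unquoted blank and keep
            # only the unquoted text (the option names) in bare.
            inq = 0; n = length(line)
            for (i = 1; i <= n; i++) {
                c = substr(line, i, 1)
                if (inq && c == "\\") { i++; continue }
                if (c == "\"") { inq = !inq; continue }
                if (!inq && (c == " " || c == "\t")) break
                if (!inq) bare = bare c
            }
            line = substr(line, i + 1); sub(/^[ \t]+/, "", line)
        }
        nf = split(line, tok, /[ \t]+/)
        if (nf < 2 || !is_keytype(tok[1])) { print "MALFORMED line " NR; next }
        sub(/^[^ \t]+[ \t]+[^ \t]+[ \t]*/, "", line)   # drop type and blob
        status = (("," bare) ~ /,(from|command)=/) ? "RESTRICTED" : "UNRESTRICTED"
        print status, tok[1], (line == "" ? "(no comment)" : line)
    }' "${1:--}"
}

# Constructed sample; the key blobs are placeholders, not real keys.
sample_authorized_keys() {
    cat <<'EOF'
# backup relations for wits
ssh-rsa AAAAB3NzaC1yc2EPLACEHOLDER1 gaweee@wits
from="192.0.2.10",command="rsync --server --sender . /srv/backup",no-pty ssh-ed25519 AAAAC3NzaC1lZDIPLACEHOLDER2 backup@wits
environment="NOTE=a,from=b" ssh-rsa AAAAB3NzaC1yc2EPLACEHOLDER3 ci@build
no-port-forwarding ssh-dss AAAAB3NzaC1kc3MPLACEHOLDER4
EOF
}

sample_authorized_keys | audit_authorized_keys
```

On a real server, point it at each account's file, for example `audit_authorized_keys /home/gaweee/.ssh/authorized_keys`, and review every UNRESTRICTED line against the list of people and hosts that should still have access.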

