In this post we are going to learn about How to setup Password Less Login Using ssh-keygen and ssh-copy-id between client and remote server.
What is SSH ?
SSH or Secure Shell is a Linux software package that allows secure system administration and file transfers over insecure networks. SSH protocol is used to encrypt the connection between a client and a server to protect any user authentication, commands, output, and file transfers against attacks in the network. It is by default used in almost every data center and enterprise.
Suppose you have a scenario where you need to run a Linux command remotely daily and every time you run the command, you get a prompt for the password. If you want to automate this activity using shell script then it will run unattended because of password prompt. We can avoid the password prompt by setting a password less connection between client and server. Follow below steps to set the password less authentication.
Create SSH Keys using ssh-keygen for Password Less Login
For this first we need to create the SSH keys on the client system through which we are going to connect to remote server. For this we are going to use ssh-keygen command
[email protected]:~# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): --Enter here Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): --Enter Here Enter same passphrase again: --Enter Here Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:GKW7yzA1J1qkr1Cr9MhUwAbHbF2NrIPEgZXeOUOz3Us [email protected]
After this step SSH key will be generated and stored in ~/.ssh directory.
Copy the SSH Key to Server Using ssh-copy-id For Password Less Login
In next step now we need to copy the generated SSH key to the Server we are trying to connect. For this we are going to use ssh-copy-id which installs an SSH key on a server as an authorized key. Here you need to give the location of the pub key and target remote host as input to the command.
ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
When you run this command it will ask you the password for the remote server, it is required only one time for setting up the password less authentication.
Once key is copied to the remote host as authorized key, you can try to connect to remote host using this command
Now you should be able to connect to a remote host without any password prompt. With this setup, we can do automation for all the task which required password earlier. I hope you are able to do Password Less Login Using ssh-keygen and ssh-copy-id