Tuesday, July 10, 2007

SSH without password

Using the below steps, you can ssh to the server from client without the entering any password.
The machine which run the ssh command is the client
The machine that the client access using ssh is the server

  1. Run the following command on the client
    • -> ssh-keygen -t dsa
  2. File id_dsa and id_dsa.pub will be created inside $HOME/.ssh
  3. Copy id_dsa.pub to the server's .ssh directory
    • -> scp $HOME/.ssh/id_dsa.pub user@server:/home/user/.ssh
  4. Change to /root/.ssh and create file authorized_keys containing id_dsa content
    • -> cd /home/user/.ssh
    • -> cat id_dsa >> authorized_keys
  5. Change "StrictModes yes" in /etc/ssh/sshd_config to "StrictModes no"
  6. Restart ssh server
  7. You can try ssh to the server from the client and no password will be needed
    • -> ssh user@server
Another alternative to the above steps is to use ssh-copy-id command. The steps are:
  1. Run the following command on the client
    • -> ssh-keygen -t dsa
  2. File id_dsa and id_dsa.pub will be created inside $HOME/.ssh
  3. Copy the id_dsa.pub to the server's .ssh directory
    • -> ssh-copy-id -i ~/.ssh/id_dsa.pub user@server
  4. Change "StrictModes yes" in /etc/ssh/sshd_config to "StrictModes no"
  5. Restart ssh server
  6. You can try ssh to the server from the client and no password will be needed
    • -> ssh user@server
Thanks to nailer for this information

10 comments:

Anonymous said...

Wonderful. I've been searching for this for several days. Clear and easy to understand. Thanks.

Anonymous said...

Awesome! Straight to the point! Thanks!

sjoshi said...

Hi, I tried the same thing but it doesn't seem to work on RedHat linux... it is still asking me for the password. Do I have to change the configuration or permissions somewhere for this to work?

blackorga said...

Hi sjoshi,

This method was tested on CentOS, which can be regarded as Redhat Linux's twin. You can try restarting the server's sshd, if following the method still fails. Thanks

Anonymous said...

Should the name of the file in remoteserver .ssh/authorized_keys.
Is there anyway to configure the file name?

Alexey Dementyev said...

#!/usr/bin/expect -f

if { [llength $argv] < 3 } {
send "Usage: ssh2 \n"
exit;
}

set host [lrange $argv 0 0]
set user [lrange $argv 1 1]
set pass [lrange $argv 2 2]
set supass [lrange $argv 3 3]

set timeout -1

spawn ssh $user@$host
match_max 100000

expect {
"*yes/no*" {
send -- "yes\r"
exp_continue
}
"*?assword:*" {
send -- "$pass\r"
}
}
interact

demon007 said...

how do i ssh myself without password

Anonymous said...

https://access.redhat.com/knowledge/solutions/8761

Anonymous said...

https://access.redhat.com/knowledge/solutions/8761

Андрей said...

"Change "StrictModes yes" in /etc/ssh/sshd_config to "StrictModes no" -- thank you -- that's what I need! I've lost half an hour trying to make ssh auth work.