Wednesday, April 1, 2015

Setting up SSH without password (using key)



Local Setup:
Generate RSA Key
 ssh-keygen -t rsa -N ''  

Remote Setup:
Copy local public RSA Key (generated above) to default location .ssh/authorized_keys


Ensure sshd_config:
 RSAAuthentication yes  
 PubkeyAuthentication yes  
 StrictModes no  
Note that StrictModes can be 'yes' if the keyfile and folder permissions are set to 775. 

Restart sshd

Dont' forget to restart the service

 service sshd restart  

Additional notes
If you logging in with other user, you need to ensure the following
  1. Use ssh -i <key file>
  2. known_hosts file containing the finger print for the remote host is exist for the current user
    • Windows: .ssh\known_hosts must exist or created through SYSTEM user at OS root (ie. C:\.ssh
    • Linux: /etc/ssh/ssh_known_hosts must exist to allow all users to connect
Note: Example of logging in with other user is when you try to connect via web service (apache). When you execute via apache, the user is apache or wwwrun which is not the user that you have generated the key above.

Enjoy!

This entry is valid for rsync from command line or rsync from php whether on Linux (centos, ubuntu, fedora, opensuse) or on Windows systems.

:: aerobrainTech ::