Thursday, October 24, 2019

How to SSH into Server Without Entering Password

In this post, I’ll show you how to bypass the password prompt and get you connected to your server immediately after you enter to execute the SSH command.

Why are we doing this?

One of the hassles when connecting to your server is the entering-password step.

Now, you might think – it’s not a big deal, it’s just an extra step – but what if you have a reasonably complex password that you need to retrieve from somewhere else (notes, or password management app). Or your job requires you to access the servers frequently, then skipping small steps like entering passwords can help speed things up big time.

An idea of how it works (and it’s safe)

Traditionally, to login to the server, you do these steps in its chronological order:

  1. Type ssh username@domain.com, hit Enter/Return
  2. Type/paste password, hit Enter/Return
  3. You’re in!

We’re going to eliminate Step 2; after inserting ssh username@domain.com and hitting Enter/Return, you’re immediately connected to the server. How about that?

And don’t worry, this is extremely secure, as long as you ensure no unauthorized personnel can gain access to your PC.

Let’s get started.

1 – Collect the following information

Before we dive into the execution, here is some information about your local machine and remote server you need to collect beforehand.

Write them down in a note, or at least have them accessible at ease.

(1.1) – Path to SSH folder in the local machine.

This is the path to .ssh/ on your machine. It varies from one operating system to another.

Examples:

  • macOS/Users/username/.ssh/
  • Windows/c/Users/username/.ssh/id_rsa.pub

For more information on how to find the path to ssh folder in Windows 10, click here.

Note: For macOS users, typing the command cd ~/.ssh will usually bring you into the .ssh folder.

(1.2) – Information for remote server

You need the credentials and several other details about your server. In short, collect the following:

  1. Hostname/ IP
  2. Username
  3. Password
  4. Port number
(1.3) – Path to “authorized_key” in the remote server

With the information gathered from 1.2, login to your server, and find the path to the “authorized_key” file.

The file is usually located at: /home/username/.ssh.

Have you gotten all the required information? Great, let’s proceed!

2. Getting an SSH Key

In order for the password-less SSH login to work, we will need an SSH key from your local computer.

Firstly, I’m going to show you how to check for an existing SSH Key on your local computer, how to remove existing SSH keys, and then finally creating a new SSH key.

If you’re sure that there are no existing SSH Keys in your local machine, then you can jump right ahead to creating a new SSH Key.

Checking for existing SSH Keys
  1. Open Terminal.
  2. Paste the following and hit Enter/Return: ls -al ~/.ssh.

If the folder contains files like the following, then SSH Keys exist on your local machine.

  • id_rsa
  • id_rsa.pub
ssh key existsssh key exists

You can either keep them, provided that you still remember their respective passphrases, else I’d recommend that you delete them.

If the folder is empty, then you’re set to creating your new SSH key.

Removing existing SSH Keys
  1. Open Terminal.
  2. Paste cd ~/.ssh && ls -al and hit Enter/Return. This will bring you into the SSH folder and list all existing files inside it.
  3. Identify all files with names like “id_rsa” and “id_rsa.pub”
  4. Delete each of them one by one using the following command: rm filename.Example: rm id_rsa.pub.

Note: If you’re performing this on a shared workstation or are unsure of which files to delete, do not proceed.

Generating new SSH Key

If your SSH folder is empty, then it probably looks something like this.

ssh key does not existssh key does not exist

Let’s start generating a new SSH Key.

  1. Open Terminal.
  2. Paste the following codes, replace “youremail@example.com” with your actual email address, and hit Enter/Return: ssh-keygen -t rsa -b 4096 -C "youremail@example.com".
  3. Hit Enter/Return (recommended) to use “id_rsa” as the default filename.
  4. Hit Enter/Return (recommended) to create an SSH key without a passphrase.

Your SSH Key has been successfully created, and your terminal should output something similar to the screenshot below.

ssh key generatedssh key generated

3. Upload SSH Key to Server

We’ve come to our last and final step – uploading the generated key (public key) to the server.

  1. Open Terminal.
  2. Type cd ~/.ssh to go inside the .ssh folder.
  3. Copy paste the following command after replacing “username/domain.com” and “/path/to/server/.ssh/authorized_keys” with actual server information:cat id_rsa.pub | ssh username/domain.com 'cat - >> /path/to/server/.ssh/authorized_keys'.

The command above will copy the public key in id_rsa.pub (from local machine) into authorized_keys (in remote server).

If the command executed correctly, you will be prompted to enter the password to the remote server, insert the password, and hit enter/return.

4. Testing

That’s it! Now, let’s give it a test.

  1. Open Terminal.
  2. Login to your server by entering ssh username@domain.com.

You should be able to login without entering the password.

Note: It’s worth noting that logging in without the password will only apply to the user where our public key is added. Assuming there are several users on our server: root, john and jane. You’ve added your public key to authorized_keys file that belongs to jane. You will be able to login to the SSH as jane without the password, but when need to login as root or john, you will still need to provide the password.

One last thing

Copy the following codes, replace “/path/to/.ssh/” with the actual path to your .ssh folder, and hit Enter/Return.

chmod 700 /path/to/.ssh && chmod 600 /path/to/.ssh/*

This will ensure your newly created SSH key be stored securely inside the .ssh folder.

The post How to SSH into Server Without Entering Password appeared first on Hongkiat.

https://goo.gl/hYDEHJ

No comments:

Post a Comment