In this post, I’ll show you how to bypass the password prompt and get you connected to your server immediately after you enter to execute the SSH command.
Why are we doing this?
One of the hassles when connecting to your server is the entering-password step.
Now, you might think – it’s not a big deal, it’s just an extra step – but what if you have a reasonably complex password that you need to retrieve from somewhere else (notes, or password management app). Or your job requires you to access the servers frequently, then skipping small steps like entering passwords can help speed things up big time.
An idea of how it works (and it’s safe)
Traditionally, to login to the server, you do these steps in its chronological order:
- Type
ssh username@domain.com
, hit Enter/Return - Type/paste password, hit Enter/Return
- You’re in!
We’re going to eliminate Step 2; after inserting ssh username@domain.com
and hitting Enter/Return, you’re immediately connected to the server. How about that?
And don’t worry, this is extremely secure, as long as you ensure no unauthorized personnel can gain access to your PC.
Let’s get started.
1 – Collect the following information
Before we dive into the execution, here is some information about your local machine and remote server you need to collect beforehand.
Write them down in a note, or at least have them accessible at ease.
(1.1) – Path to SSH folder in the local machine.
This is the path to .ssh/ on your machine. It varies from one operating system to another.
Examples:
- macOS –
/Users/username/.ssh/
- Windows –
/c/Users/username/.ssh/id_rsa.pub
For more information on how to find the path to ssh folder in Windows 10, click here.
Note: For macOS users, typing the command cd ~/.ssh
will usually bring you into the .ssh folder.
(1.2) – Information for remote server
You need the credentials and several other details about your server. In short, collect the following:
- Hostname/ IP
- Username
- Password
- Port number
(1.3) – Path to “authorized_key” in the remote server
With the information gathered from 1.2, login to your server, and find the path to the “authorized_key” file.
The file is usually located at: /home/username/.ssh
.
Have you gotten all the required information? Great, let’s proceed!
2. Getting an SSH Key
In order for the password-less SSH login to work, we will need an SSH key from your local computer.
Firstly, I’m going to show you how to check for an existing SSH Key on your local computer, how to remove existing SSH keys, and then finally creating a new SSH key.
If you’re sure that there are no existing SSH Keys in your local machine, then you can jump right ahead to creating a new SSH Key.
Checking for existing SSH Keys
- Open Terminal.
- Paste the following and hit Enter/Return:
ls -al ~/.ssh
.
If the folder contains files like the following, then SSH Keys exist on your local machine.
- id_rsa
- id_rsa.pub
You can either keep them, provided that you still remember their respective passphrases, else I’d recommend that you delete them.
If the folder is empty, then you’re set to creating your new SSH key.
Removing existing SSH Keys
- Open Terminal.
- Paste
cd ~/.ssh && ls -al
and hit Enter/Return. This will bring you into the SSH folder and list all existing files inside it. - Identify all files with names like “id_rsa” and “id_rsa.pub”
- Delete each of them one by one using the following command:
rm filename
.Example:rm id_rsa.pub
.
Note: If you’re performing this on a shared workstation or are unsure of which files to delete, do not proceed.
Generating new SSH Key
If your SSH folder is empty, then it probably looks something like this.
Let’s start generating a new SSH Key.
- Open Terminal.
- Paste the following codes, replace “youremail@example.com” with your actual email address, and hit Enter/Return:
ssh-keygen -t rsa -b 4096 -C "youremail@example.com"
. - Hit Enter/Return (recommended) to use “id_rsa” as the default filename.
- Hit Enter/Return (recommended) to create an SSH key without a passphrase.
Your SSH Key has been successfully created, and your terminal should output something similar to the screenshot below.
3. Upload SSH Key to Server
We’ve come to our last and final step – uploading the generated key (public key) to the server.
- Open Terminal.
- Type
cd ~/.ssh
to go inside the .ssh folder. - Copy paste the following command after replacing “username/domain.com” and “/path/to/server/.ssh/authorized_keys” with actual server information:
cat id_rsa.pub | ssh username/domain.com 'cat - >> /path/to/server/.ssh/authorized_keys'
.
The command above will copy the public key in id_rsa.pub (from local machine) into authorized_keys (in remote server).
If the command executed correctly, you will be prompted to enter the password to the remote server, insert the password, and hit enter/return.
4. Testing
That’s it! Now, let’s give it a test.
- Open Terminal.
- Login to your server by entering
ssh username@domain.com
.
You should be able to login without entering the password.
Note: It’s worth noting that logging in without the password will only apply to the user where our public key is added. Assuming there are several users on our server: root, john and jane. You’ve added your public key to authorized_keys
file that belongs to jane. You will be able to login to the SSH as jane without the password, but when need to login as root or john, you will still need to provide the password.
One last thing
Copy the following codes, replace “/path/to/.ssh/” with the actual path to your .ssh folder, and hit Enter/Return.
chmod 700 /path/to/.ssh && chmod 600 /path/to/.ssh/*
This will ensure your newly created SSH key be stored securely inside the .ssh folder.
The post How to SSH into Server Without Entering Password appeared first on Hongkiat.
https://goo.gl/hYDEHJ
No comments:
Post a Comment