My Adventures in Coding

December 22, 2011

Linux – How to ssh between two linux computers without needing a password

Filed under: Linux — Brian @ 10:44 pm
Tags: ,

Having to constantly type in your password on a linux server that you ssh to often can get to be an annoyance. Luckily this is an easy problem to solve. Since I always end up forgetting how to do this setup, I thought I would finally write this down, even if just for my own reference :).

1. ssh to server1

Connect to server1 and generate a public/private key pair.

 
ssh myusername@server1
password:
ssh-keygen -t rsa

When you run this command you will be prompted to answer several questions. Just hit enter each time until you are returned to a prompt.

Generating public/private rsa key pair.
Enter file in which to save the key (/home/local/myusername/.ssh/id_rsa): 
Created directory '/home/local/myusername/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/local/myusername/.ssh/id_rsa.
Your public key has been saved in /home/local/myusername/.ssh/id_rsa.pub.
The key fingerprint is:
15:68:47:67:0d:40:e1:7c:9a:1c:25:18:be:ab:f1:3a myusername@server1
The key's randomart image is:
+--[ RSA 2048]----+
|        .*Bo=o   |
|       .+o.*  .  |
|       ...= .    |
|         + =     |
|        S +      |
|         .       |
|      . .        |
|      E+         |
|      oo.        |
+-----------------+

Now you will need to copy the public key you just generated and save it somewhere, you will need it later. Also ensure when you copy the key that the text is all on one line, if there are line breaks in the text, it will cause problems later when you try and use the key.

cd .ssh
cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyFS7YkakcjdyCDOKpE4RrBecRUWShgmwWnxhbVNHmDtJtK
PqdiLcsVG5PO94hv3A0QqlB1MX33vnP6HzPPS7L4Bq+5plSTyNHiDBIqmZqVVxRbRUKbP44BaA9RsW2ROu
8qdzmXRPupkyFBBOLa23RJJojBieFGygR2OwjS8cq0kpZh1I3c1fbU9I5j38baUK0naTBe2v7s/C8allnJ
hwkfds+Q9/kjaV55pMZIh+9jhoA8acCA6B55DYrgPSycW6fEyV/1PIER+a5lOXp1QCn0U+XFTb85dp5fW0
/rUnu0F9nBJFlo7Rvc1cMuSUiul/wvJ8tzlOhU8FUlHvHqoUUw== myusername@server1

2. ssh to server2

Now we will copy the public key from server1 to server2.

ssh myusername@server2
password:
mkdir .ssh
cd .ssh
vi authorized_keys
# paste the public key
chmod 600 authorized_keys

3. Test that your setup is working

ssh myusername@server1
password:
ssh myusername@server2
# you should not be prompted for a password!

That is all! (Thanks Dave!)

Advertisements

11 Comments »

  1. this was great

    Comment by anthonyvenable110 — December 27, 2011 @ 12:59 pm | Reply

  2. Really awesome post…… LINUX the best….

    Comment by Sinbad Konick @Linux The Best — December 31, 2011 @ 11:39 am | Reply

  3. nice tutorial, thank you!

    Comment by marcelo — June 27, 2013 @ 11:29 am | Reply

  4. A very useful post. I used it in conjunction with a small snippet of code to dump and load a mySQL database from one server to another. Have a look at this:

    ssh -C user@server ‘mysqldump -u username –password=password -D dbname | gzip’ | gzip -d | mysql -u username –password=password -D dbname

    Thanks and keep up the good work!

    Comment by Powerball — August 7, 2013 @ 1:13 pm | Reply

  5. This was the simplest setup I have seen on the internet. I don’t know why everyone else has to make it so convoluted. Good Job!

    Comment by Widgeteye — February 28, 2014 @ 11:11 pm | Reply

  6. Sorry for my ignorance, but I do have a question regarding Steps #1 & #2.
    From where do I run SSH to server1?
    From where do I run SSH to server2?
    Are you using a third machine as your workstation to SSH into each of these servers?

    I am new to linux and ssh. I would like to know how to do exactly what you are doing here. I have a business need. For testing I have loaded linux on two pcs. (I also have a windows 7 workstation.) I can use SSH with a password to connect between the two linux boxes but my private & public keys are not working.

    Is it possible to dummy this down for me. lol. Thanks!

    Comment by Lefty — March 3, 2014 @ 7:50 pm | Reply

    • Hi, yes I am using a third machine, I am opening an SSH terminal window into each Linux server from my Windows workstation. Since your workstation is Windows as well, you can use the free SSH client Putty, which you can download here. With this tool you can SSH into server 1 and open another SSH session to server 2 and complete the setup as shown in the instructions.

      I hope that helps!

      Comment by Brian — March 4, 2014 @ 9:28 am | Reply

      • Thank you for the prompt reply.

        Here are the locations of my keys configurations:
        My user ID is russ on both machines.
        On server1: /home/russ/.ssh/id_rsa
        On server2: /home/russ/.ssh/authorized_keys
        I connect with ssh from server1 to server2 and am still prompted for a password.
        I found on one website where it suggested I rename authorized_keys to authorized_keys2. I tried that too but it didn’t make a difference.

        Do I need to run ssh-agent or ssh-add or copy the keys somewhere else?
        Server1 is Ubuntu workstation. I had to install OpenSSH. I accepted defaults.
        Server2 is Fedora workstation. OpenSSH was already installed.
        I entered a passcode when generating the keys.

        Thank you for your help.

        Comment by Lefty — March 4, 2014 @ 10:14 am

      • When I did this setup it was between two CentOS machines, but that should not make much difference. One thing noted in the instructions is that when you copy the public key to the second server, make sure there are no line breaks in the key text, trialing spaces, trailing new lines, etc. Those are things that have caught me in the past. Maybe something to check.

        Comment by Brian — March 4, 2014 @ 11:52 am

      • Just for giggles I tried to use scp and received the following error message after I entered my password:

        Permission denied, please try again.
        Permission denied, please try again.
        Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
        lost connection

        Comment by lefty — March 4, 2014 @ 11:46 am

  7. Thanks. I had taken id_rsa.pub and simply renamed it to: authorized_keys

    I think I will delete everything and start over… again. I’ve done this four or five times.

    Thanks.

    Comment by lefty — March 4, 2014 @ 1:11 pm | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: