Setting up SSH Passwordless Login Using SSH Keygen

Secure Shell (SSH) is a cryptographic network protocol used for secure connection between a client and a server and supports various authentication mechanisms. The two most popular mechanisms are passwords based authentication and public key based authentication.

In this post, we will configure password-less login on CentOS 7 using ssh keys to connect to remote servers without entering password.

Step #1: Generate a new SSH key pair

First log in on alwaysonlinux01 machine and generate a pair of authentication keys.

ssh-keygen –t rsa –P rsa –P ""

Use the default (/root/.ssh/id_rsa) for the key location and hit enter for an empty passphrase as show below:


Repeat the above step on alwaysonLinux02 and alwaysonLinux03 machines as shown below.



Step #2: Copy the public key to remote host

Once we generate SSH key pair, copy the public key to the server you want to manage. The easiest way to copy public key to the server is to use a command called ssh-copy-id. On alwaysonLinux01 machine terminal type:

ssh-copy-id –i /root/.ssh/ root@alwasyonlinux02

It will prompt to enter the username password. Enter password

Once the user is authenticated, the public key will be copied to the remote user authorized_key file. Verify key has been copied to remote server host on alwaysonlinux02 using a command below:

Step #3 Append the public key to the authorized_keys file.

Note: Perform this step on alwaysonlinux02 machine.
In step 2, we copied alwaysonlinux01 public key on alwaysonlinux02 machine.  Next, add this public key to the authorized_keys file using command as shown below:

cat >> authorized_keys
cat authorized_keys

After executing the above command, authorzied_key file on alwaysonlinux02 machine contains public key for both the machines. Now, Copy this authorized_keys file to alwaysonlinux03 server .ssh folder using command as shown below

scp authorized_keys root@alwaysonlinux03:/root/.ssh

Verify that key file has been copied to remote server host on alwaysonlinux03

Verify public key of alwaysonlinux03 server as show below:

Note: Perform this step on alwaysonlinux03 server
Now, add alwaysonlinux03 public key to the authorized_keys file using command as shown below

cat >> authorized_keys
cat authorized_keys

We have public key for all three machines in authorized_keys file.

Step #4 Copy and synchronize updated key file on all host

Authorized_key file on alwaysonlinux03 server has public key for all the three machines. Copy authorized_key file on both the server using command as shown below

scp authorized_keys root@alwaysonlinux02:/root/.ssh
scp authorized_keys root@alwaysonlinux01:/root/.ssh

Step #5 Verify authorized_keys file on all host

All the host has public key enclosed in authorized_key file.




Now we are able to connect to each host using SSH.

Note: You may see this warning. This happens on your first connection and is normal.
Are you sure you want to continue connecting (yes/no)?

No comments:

Post a Comment