Setting up SSH Passwordless Login Using SSH Keygen

Secure Shell (SSH) is a cryptographic network protocol used for secure connection between a client and a server and supports various authentication mechanisms. The two most popular mechanisms are passwords based authentication and public key based authentication.

In this post, we will configure password-less login on CentOS 7 using ssh keys to connect to remote servers without entering password.

Step #1: Generate a new SSH key pair

First log in on alwaysonlinux01 machine and generate a pair of authentication keys.

ssh-keygen –t rsa –P rsa –P ""

Use the default (/root/.ssh/id_rsa) for the key location and hit enter for an empty passphrase as show below:

Alwaysonlinux01


Repeat the above step on alwaysonLinux02 and alwaysonLinux03 machines as shown below.


Alwaysonlinux02


Alwaysonlinux03



Step #2: Copy the public key to remote host

Once we generate SSH key pair, copy the public key id_rsa.pub to the server you want to manage. The easiest way to copy public key to the server is to use a command called ssh-copy-id. On alwaysonLinux01 machine terminal type:

ssh-copy-id –i /root/.ssh/id_rsa.pub root@alwasyonlinux02

It will prompt to enter the username password. Enter password

Once the user is authenticated, the public key will be copied to the remote user authorized_key file. Verify key has been copied to remote server host on alwaysonlinux02 using a command below:


Step #3 Append the public key to the authorized_keys file.

Note: Perform this step on alwaysonlinux02 machine.
In step 2, we copied alwaysonlinux01 public key on alwaysonlinux02 machine.  Next, add this public key to the authorized_keys file using command as shown below:

cat id_rsa.pub >> authorized_keys
cat authorized_keys













After executing the above command, authorzied_key file on alwaysonlinux02 machine contains public key for both the machines. Now, Copy this authorized_keys file to alwaysonlinux03 server .ssh folder using command as shown below

scp authorized_keys root@alwaysonlinux03:/root/.ssh











Verify that key file has been copied to remote server host on alwaysonlinux03


Verify public key of alwaysonlinux03 server as show below:


AlwaysOnLinux03
Note: Perform this step on alwaysonlinux03 server
Now, add alwaysonlinux03 public key to the authorized_keys file using command as shown below

cat id_rsa.pub >> authorized_keys
cat authorized_keys


We have public key for all three machines in authorized_keys file.

Step #4 Copy and synchronize updated key file on all host

Authorized_key file on alwaysonlinux03 server has public key for all the three machines. Copy authorized_key file on both the server using command as shown below

scp authorized_keys root@alwaysonlinux02:/root/.ssh
scp authorized_keys root@alwaysonlinux01:/root/.ssh


Step #5 Verify authorized_keys file on all host

All the host has public key enclosed in authorized_key file.

Alwaysonlinux01

Alwaysonlinux02

Alwaysonlinux03

Now we are able to connect to each host using SSH.


Note: You may see this warning. This happens on your first connection and is normal.
Are you sure you want to continue connecting (yes/no)?
Yes

No comments:

Post a Comment