Saturday, September 27, 2014

Turbo Mode SSH Logins

If your like me and have to logon to multiple Linux/UNIX systems by means of SSH, manually entering a password for each logon session can be a pain. The procedure below will enable you to run all of your SSH sessions password free.
We will use what is termed as public-key SSH authentication and the first thing that we need to do is to generate our public/private keypair. Open a shell prompt and type in the command:
$ ssh-keygen -t rsa
This will produce the output of:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/monk/.ssh/id_rsa):
Just press through all of the prompts. This creates two files, ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub. To use this keypair on a server try this:
$ ssh server “mkdir .ssh; chmod 0700 .ssh”
$ scp .ssh/id_rsa.pub server:.ssh/authorized_keys2
You will be prompted for your password after each command and you’ll need to substitute “server” with the actual hostname of the system that you want to connect to. After running these two commands you will not be prompted for a password.
There have been security concerns raised over the safety of this, but you have the same problem with passwords. Someone would have to compromise your account and gain access to your private key. I would also recommend incorporating a mandatory access control system on the private key such as Apparmor or SELinux, but that will be the subject of another post.

No comments:

Post a Comment