Here are the steps.
1. Generate SSH Key pair
the following command will generate your private and public key
ssh-keygen -t rsa
the -t options specifies which encryption algorithm to use , in this example I use RSA but something else can be used instead. the keys will be located in the ~/.ssh directory.
2. Copy public key to remote server
The following command will copy the public key to the remote server
ssh-copy-id -i ~/.ssh/identity.pub user@remoteServer
identity.pub : the name of the public key file you generated in the step above, example id_rsa.pub
user@remoteServer: the remote server you are trying to enable password-less login for and the user account you use to access that server.
alternatively you can manually append the contents of the id_rsa.pub file to the
~/.ssh/authorized_keys file on the remoteserver.
3. Try SSH!
try ssh user@remoteServer it should not ask you for a password and should launch directly into the session
Troubleshooting
You may hit some issues one way to figure out whats going on is to try to get more info.
On your machine try running ssh -v user@remoteServer. As that prints more debug information.
Similarly you can start sshd on debug on your remote server as well , this way it will report errors of why it may not authenticate your key.
One Common problem is that your directory permissions may be to permissive , especially the .ssh directory and the files in the directory. This will cause password less ssh to fail. if you don't want to change the directory permissions you can turn off Strict Mode in the sshd configuration located at /etc/ssh/sshd_config
No comments:
Post a Comment