Home About BC DR HA Support Training Download
You are here: Home/ Downloads/ Security/ Please Login or Register

-
Current Location
-

js
  Downloads
    Security
-
AIX Admin Methodology
Global Consolidation Project
All AIX admins should join
www.aixexpert.com


Join our LinkedIn Group
AIX Advanced Technical Experts
Contract Opportunities

www.LinkedIn.com

-
digg Digg this page
del.icio.us Post to del.icio.us
Slashdot Slashdot it!


LPAR Leasing
Lease an AIX / i5 LPAR
Reduce your costs

www.mtxia.com

Server Leasing
Lease a Server off-site
Reduce your costs

www.mtxia.com

Data Center Automation
Business Continuity and DR
Virtualization/Consolidation

www.mtxia.com

HMC Service
Hardware Management Console
Manage Remote AIX / i5 LPARs

www.siteox.com

Business Web Site Hosting
$3.99 / month includes Tools,
Shopping Cart, Site Builder

www.siteox.com

Disaster Recovery
Small Business Oriented
Off-Site Facilities

www.mtxia.com

IBM pSeries / iSeries
Reduce your Costs
Off-Site Server Hosting

www.mtxia.com

Remote login without requiring a password using ssh or scp

OR

Password free remote login using ssh or scp

This document describes the procedure to setup "ssh" to allow a user to login to a remote machine without requiring a password. This procedure assumes that "ssh" is installed and operational, and the user performing this procedure has an identical username on each machine involved in this process.


  • Generate the public/private keys
    As the user you want to be able to login without entering a password, generate the pubic/private keys using the "ssh-keygen" utility. For this first example, do not enter a passphrase. The next example will illustrate how to use the passphrase.
    $ ssh-keygen  -t  rsa
                
  • Copy the public key to the remote location
    Copy the public key, generated from the previous command, to the remote location using the "scp" utility (or the utility of your choice). The public key will exist in the home directory of the user under the subdirectory ".ssh" and will have the filename "id_rsa.pub". This file should be copied to the remote location to the ".ssh" subdirectory under the users home directory, and have the remote filename of "authorized_keys2". Before copying the file, set the permissions of the file to "644". In the following command the variable "${REMOTEMACHINE}" represents the IP name of the remote machine.
    $ chmod  644  ~/.ssh/id_rsa.pub
    $ scp  ~/.ssh/id_rsa.pub  ${REMOTEMACHINE}:.ssh/authorized_keys2
                
  • Test the password-free login
    The password-free login setup is complete and can be tested using "ssh" or any other secure remote command. In the following command the variable "${REMOTEMACHINE}" represents the IP name of the remote machine.
    $ ssh  ${REMOTEMACHINE}
                

  • This next example illustrates the use of the "passphrase" with the "ssh-keygen" utility. This technique requires the user to enter a "passphrase" when a command is executed initially, but then automatically performs authentication to remote machines. So once the initial passphrase is entered, the user can execute as many remote commands as they wish without entering a password.

  • Generate the public/private keys
    As the user you want to be able to login without entering a password, generate the pubic/private keys using the "ssh-keygen" utility. You will be asked to enter a "passphrase" and to verify that "passphrase". Enter a value you wish to use.
    $ ssh-keygen  -t  rsa
                
  • Copy the public key to the remote location
    Copy the public key, generated from the previous command, to the remote location using the "scp" utility (or the utility of your choice). The public key will exist in the home directory of the user under the subdirectory ".ssh" and will have the filename "id_rsa.pub". This file should be copied to the remote location to the ".ssh" subdirectory under the users home directory, and have the remote filename of "authorized_keys2". Before copying the file, set the permissions of the file to "644". In the following command the variable "${REMOTEMACHINE}" represents the IP name of the remote machine.
    $ chmod  644  ~/.ssh/id_rsa.pub
    $ scp  ~/.ssh/id_rsa.pub  ${REMOTEMACHINE}:.ssh/authorized_keys2
                
  • Create an alias (optional)
    Create an alias that will execute a command under the control of the "ssh-agent". The command to be executed should be a command that will allow the user to execute other commands, such as a shell or X-Windows. The following example uses the Korn Shell.
    $ alias ssh-ksh="ssh-agent /usr/bin/ksh"
                
  • Execute a command under control of "ssh-agent"
    Execute a shell command or X-Windows under control of the ssh-agent. Then add your passphrase to the list of known identities using the "ssh-add" utility. You will be prompted to enter your "passphrase". The following example assumes you created the alias in the previous step.
    $ ssh-ksh
    $ ssh-add
      Enter passphrase? <enter your passphrase here>
                
  • Execute remote commands
    The password-free login setup is complete and can be tested using "ssh" or any other secure remote command. In the following command the variable "${REMOTEMACHINE}" represents the IP name of the remote machine.
    $ ssh  ${REMOTEMACHINE}
                
  • -
    No Passwd Required
    -
     


    LPAR Leasing
    Lease an AIX / i5 LPAR
    Reduce your costs

    www.mtxia.com

    Server Leasing
    Lease a Server off-site
    Reduce your costs

    www.mtxia.com

    Data Center Automation
    Business Continuity and DR
    Virtualization/Consolidation

    www.mtxia.com

    HMC Service
    Hardware Management Console
    Manage Remote AIX / i5 LPARs

    www.siteox.com

    Business Web Site Hosting
    $3.99 / month includes Tools,
    Shopping Cart, Site Builder

    www.siteox.com

    FREE Domain Registration
    included with Web Site Hosting
    Tools, Social Networking, Blog

    www.siteox.com

    Disaster Recovery
    Small Business Oriented
    Off-Site Facilities

    www.mtxia.com

    IBM pSeries / iSeries
    Reduce your Costs
    Off-Site Server Hosting

    www.mtxia.com