HPE Community
Operating System - HP-UX
1834178 Members
2559 Online
110064 Solutions
New Discussion

ssh question

 
SOLVED
Go to solution
Ragni Singh
Super Advisor

‎01-23-2002 09:41 AM

‎01-23-2002 09:41 AM

ssh question

Hello,

What option can I use with ssh that would not ask me for a password when I ssh to another system?. I'm running a script that looks for a file in different servers. I'd like to be able to get to that system and not asked for a password. Any help will be greatly appreciated.
0 Kudos
Reply
4 REPLIES 4
Sridhar Bhaskarla
Honored Contributor

‎01-23-2002 09:45 AM

‎01-23-2002 09:45 AM

Re: ssh question

Sanman,

1. Genereate public keys using ssh-keygen with a pass-phrase
2. Append identify.pub to authorized_keys on the target system.
3. Run ssh-agent with ssh-add to remember the passphrase

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
D. Jackson_1
Honored Contributor

‎01-23-2002 09:49 AM

‎01-23-2002 09:49 AM

Re: ssh question

I am new to ssh but try this.

Make a directory .ssh under your home directory on the target system. In that directory vi a file named authorized_keys.

In this file put your authorized key that you have on the other server. It should be the same key that you generated on the server that you are coming from.
This will allow you to log in without a password..


Good Luck...
0 Kudos
Reply
Uday_S_Ankolekar
Honored Contributor

‎01-23-2002 09:59 AM

‎01-23-2002 09:59 AM

Solution

Re: ssh question

To run ssh without a password, you should make use of trusting of public keys.

Below is the detailed configuration to implement based on SSH2 protocol, I think latest is ssh-3.0.1 for this implementation

On Servar A:


1) Login to user account, then run ssh-keygen to generate the public key on the client

user> ssh-keygen

ssh-keygen will create a .ssh2 directory and store your public key into a file (default filename id_dsa_1024_a.pub) and your private key into a file (default filename id_dsa_1024_a).

2) In your identification file, insert the Identification Key reference.

client_user> cd $HOME/.ssh2
client_user> vi identification

IdKey id_dsa_1024_a

3) Copy your public key (id_dsa_1024_a.pub) to the server B (into the .ssh2 directory)

On SERVER B:


1) Create the .ssh2 directory. Alternatively, also run ssh-keygen if you want to use this server_user account to ssh to another server2_user account.

server_user> cd $HOME
server_user> mkdir .ssh2
server_user> chmod 700 .ssh2

2) In the authorization file, insert your public key reference.

server_user> cd .ssh2
server_user> vi authorization

Key id_dsa_1024_a.pub

Initialization:
==============

1) During your first ssh, it may prompt you whether you would like to save the host key because if it is the first time you are scp'ing from this client to that server.

2) Note that your /etc/ssh2/sshd2_config on your server must allow for publickey authentication method.


-USA..
Good Luck..
Reply
Craig Rants
Honored Contributor

‎01-23-2002 10:24 AM

‎01-23-2002 10:24 AM

Re: ssh question

Here are my notes on how I did it.

6) Generate root's key
/opt/openssh2/bin/ssh-keygen
press enter when prompted for file location
press enter when prompted for passphrase


12) Setup trust with hostname1
On the hostname1:
cd /roots/.ssh
scp identity.pub client_hostname:/roots/.ssh/identity.pub.hostname1 (where the
client_hostname is the name of the box you are installing ssh on)
On client_hostname
cd /roots/.ssh
cat identity.pub.hostname1 >> authorized_keys

13) Try the trust connection
On hostname1:
ssh -v client_hostname (watch for errors in the output, you should get in without
being prompted for a password)

GL,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.