This document describes how to establish passwordless SSH connections between servers to allow running remote commands without a password. It explains generating public/private key pairs with ssh-keygen, copying the public key to the target server's ~/.ssh/authorized_keys file, and testing the connection. Appending to authorized_keys is recommended instead of overwriting it to avoid removing existing SSH trust relationships. The process also needs to be repeated in reverse to allow the target server to connect back without a password.
This document describes how to establish passwordless SSH connections between servers to allow running remote commands without a password. It explains generating public/private key pairs with ssh-keygen, copying the public key to the target server's ~/.ssh/authorized_keys file, and testing the connection. Appending to authorized_keys is recommended instead of overwriting it to avoid removing existing SSH trust relationships. The process also needs to be repeated in reverse to allow the target server to connect back without a password.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online from Scribd
This document describes how to establish passwordless SSH connections between servers to allow running remote commands without a password. It explains generating public/private key pairs with ssh-keygen, copying the public key to the target server's ~/.ssh/authorized_keys file, and testing the connection. Appending to authorized_keys is recommended instead of overwriting it to avoid removing existing SSH trust relationships. The process also needs to be repeated in reverse to allow the target server to connect back without a password.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online from Scribd
A Trust relationship can be established for users on multiple servers running OpenSSH to allow a password free ssh session. This is sometime important when you want to run scripts or commands remotely. Most part of this article is common for most if not all of the UNIX/LINUX flavors except the following which steps to uncomment a few lines from the ssh_config file in Solaris: Uncomment the following lines from the /usr/local/etc/ssh_config file: RSAAuthentication yes IdentityFile ~/.ssh/id_rsa Now, let's assume ServerA and ServerB both run the ssh daemons.To allow ServerA to SSH to ServerB without password, please try the following: # ssh-keygen -t rsa Note: User here is root. This generates two files id_rsa.pub and id_rsa Now, this needs to be copied to the authorized_keys file on ServerB # scp id_rsa.pub ServerB:~/.ssh/authorized_keys
Submitted By: BirlaSoft 2 of 3 Classification: GE Birlasoft Confidential
Page
Application Migration Version 1.0
Enter password when prompted. BEWARE: If the ServerB is already having a trust relationship with more that one hosts already then the above will wipe the contents and write this key alone. In which case, copy the file to the remote server as something like ServerA_rsa.pub and then append the contents to authorized_keys as follows. This will allow the existing authroized_keys from being wiped off. # scp id_rsa.pub ServerB:~/.ssh/ServerA_rsa.pub # cat ServerA_rsa.pub >> authorized_keys Thats it. Test if you are able to do a ssh from ServerA without a password: # ssh serverB uname -a This will run the command "uname -a" on ServerB and returns the result on ServerA. The same procedure has to be followed in the reverse to allow ServerB to talk back to ServerA And, if there is anyone other server to be added to the existing list follow the same procedure ensuring the key is appended to the remote servers authorized_keys file and not by overwriting it. without any password.
----------- END -----------
Submitted By: BirlaSoft 3 of 3 Classification: GE Birlasoft Confidential