Passwordless logins

From LQWiki
Jump to navigation Jump to search

A passwordless login is possible via ssh if you have established a trust relationship between two computers like this:

scorpio:~ # ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
1c:9a:b8:03:ab:04:b3:7b:75:49:99:8c:51:79:5d:06 root@scorpio
scorpio:~ # scp .ssh/id_dsa.pub root@foo:~/.ssh/authorized_keys

In this example, you create a key pair with no passphrase and distribute the public key from the computer scorpio to foo. The user root from scorpio no longer needs to authenticate with his password, he can log in to foo from scorpio with the command

scorpio:~ # ssh foo
Welcome to foo.
foo:~ #