Trusted secure shell (SSH, SCP) access

Posted in Thursday, August 13, 2009 ¬ 18:15h.webmasterNo Comments »

beastie The requirement for manually typing in a password when accessing a remote host or distributing files can be a problem, such as when working in a server environment or using automated scripts.

A solution to this can be to implement trusted secure shell (SSH, SCP) access. This is also referred to as passwordless SSH or SCP access. It which allows a user or a script to securely login from one host to another via local network or via internet without the requirement for manually typing in a password. This is possible by the use of a private and public RSA key pair.

It is assumed, that the remote host allow the use of public key authentication, and, that the remote host has correct file and folder permissions.

Log on to the client and perform the following command, that will generate the needed pair of keys.

ssh-keygen -t rsa

During this, a password, also called passphrase, is not typed in. The key pair are stored in a file each. The private key will only be readable and writeable for the user. No one else must see the content of that file, as it is used to decrypt communication, encrypted with the public key. The public key will in addition be readable to others.

Copy the public key into memory.

cat ~/.ssh/id_rsa.pub

Log on to the server and paste the public key into the collection of authorized keys.

cd ~/ssh
nano -w authorized_keys

The user or the script on the client is now trusted by the server to operate via SSH or SCP without the requirement for manually typing in a password.

Print
Procedure, System Management

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>