LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
LinkBack Search this Thread
Old 02-12-2010, 08:07 PM   #1
kenpachi
LQ Newbie
 
Registered: Feb 2010
Posts: 1

Rep: Reputation: 0
Passwordless login in using ssh via non root user


Hi, I have been trying to establish a connection between two pcs via the ssh channel. I successfully made the connection as a root user, but when i tried as a non root user i had to type in the password the make contact with the other pc. And besides this could someone tell me how exactly does this passwordless login actually work?
 
Old 02-12-2010, 08:16 PM   #2
evo2
Senior Member
 
Registered: Jan 2009
Location: Japan
Distribution: Debian
Posts: 4,821

Rep: Reputation: 1022Reputation: 1022Reputation: 1022Reputation: 1022Reputation: 1022Reputation: 1022Reputation: 1022Reputation: 1022
ssh -v and reading the sshd logs (eg /var/log/auth.log on Debian) are the place to start when debugging these types of ssh problems.

I'm assuming you are using rsa or dsa public key authentication. Basically the server sends a packet encrypted with your public key. You decrypt it with your private key and send it back to the server. The server sees that you hold the private key, authenticating your login.

Evo2.
 
Old 02-14-2010, 12:49 PM   #3
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 248Reputation: 248Reputation: 248
Quote:
Originally Posted by kenpachi View Post
Hi, I have been trying to establish a connection between two pcs via the ssh channel. I successfully made the connection as a root user, but when i tried as a non root user i had to type in the password the make contact with the other pc. And besides this could someone tell me how exactly does this passwordless login actually work?
You need to make a new key pair and add the public key to the users ~/.ssh/authorized_keys2 file on the remote machine.
Exactly the same as the way you set it up for root, but in the users home directory instead.

I wrote this howto some time ago :
http://forums.theplanet.com/index.ph...c=32847&hl=ssh
 
Old 02-15-2010, 10:37 AM   #4
mrrangerman
Member
 
Registered: Oct 2007
Location: MI
Distribution: Debian Slackware
Posts: 528

Rep: Reputation: 50
How to set up ssh so passwd is not needed.

To set up a system so that no passwd is needed two keys must be generated and copied to a file per known-host. The two keys are called rsa and dsa, of these keys two keys will be genterated per key, a private key and a public key.

Open a terminal window and create the keys, this is done with the ssh-keygen utility. Lets create the first key.

Code:
hostname:$ssh-keygen -t rsa
The utility will ask for a file to copy the key to, just press enter, this will copy the key to the default location, (~/.ssh)
Next the utility will ask for a pass phrase, if you don't want to be bothered with entering a pass phrase just press enter, confirm again. Now you will be given a key fingerprint and the keys (id_rsa and id_rsa.pub) will be copied to your home .ssh directory.

Now create the second keys.

Code:
hostname:$ssh-keygen -t dsa
Again as with the rsa keys you will be asked for a file to copy the keys to, just press enter, and also asked for a pass phrase again if you don't want to bother with entering a pass phrase just press enter.
Now a second set of keys will be genterated and copied to the ~/.ssh directory. Ok lets change into the .ssh directory.

Code:
hostname:$cd ~/.ssh
Do a ls to list the contents of the .ssh directory the output should look something like this

Code:
id_dsa  id_dsa.pub  id_rsa  id_rsa.pub  known_hosts

hostname:~/.ssh$
Now we need to copy the public keys to a file called authorized_keys. At the terminal type

Code:
hosdname:~/.ssh$cat id_rsa.pub > authorized_keys; cat id_dsa.pub >> authorized_keys
What this command has done is copied the contents of the id_rsa.pub key to a file called authorized_keys then apended the id_dsa.pub key to that same file. So now if you do a ls or list the contents of the .ssh directory you will see a new file added called authorized_keys.

Now we need to copy the authorized_keys file to the remote host we would like to ssh into without having to enter a passwd everytime. We will use the scp utility to do this, lets say the remote-host we want to ssh into has a ip of 192.168.1.100 then the command would be.

Code:
hostname:~/.ssh$scp authorized_keys 192.168.1.100:/home/username/.ssh
Make sure to enter the home directory name for the remote system, you will be prompted for a password, enter the password and the authorized_keys file will be copied to the remote hosts .ssh directory.

Now if you need to ssh into a remote-host all that is needed is to enter ssh /ipaddress/ and you will not be asked for a passwd. SSH will authenticate using the rsa and dsa keys.

Note: This can be done for the root account, but is safer if it is set up on the users account and then if needed su to root to perform any admin tasks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH root login from different user Seregwethrin Linux - Software 4 05-21-2009 02:54 PM
problems with passwordless log in as root with SSH Mountain Linux - Software 1 05-05-2009 01:28 PM
Passwordless SSH login triley Linux - General 3 11-14-2008 03:07 PM
Cannot set up passwordless login via ssh slinx Linux - Software 5 09-19-2008 09:37 AM
passwordless login on the same machine via ssh athreyavc Linux - Server 2 06-20-2008 12:12 AM


All times are GMT -5. The time now is 08:25 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration