Quote:
Originally Posted by priyanka mungekar
what do you exactly mean by should setup public/private ssh keys ? Is there some kind of configuration file or package thats need to be installed on the unix box ?
|
You can create a public and private SSH key pair (which amounts to a couple of text files in your home dir), that you would use as authentication for SSH. You can do this using couple of commands that are part of the OpenSSH package (and are thus likely already on your Linux box).
First create the key pair on host A:
Code:
[user@host-A ~]$ ssh-keygen -t dsa -f ~/.ssh/id_dsa -P ''
if you now look in your ~/.ssh directory, you should see at least these files:
Create a key pair on host B (the exact same command as above):
Code:
[user@host-B ~]$ ssh-keygen -t dsa -f ~/.ssh/id_dsa -P ''
Back on host A, then copy the public key over to host B:
Code:
[user@host-A ~]$ ssh-copy-id -i ~/.ssh/id_dsa.pub user@host-B
you will be prompted for user's password on "host-B" so that the key can be copied.
Then test logging into host B from host A without getting prompted for a password:
Code:
[user@host-A ~]$ ssh -oPasswordAuthentication=no user@host-B hostname
if it works correctly, you should not get prompted for a password (obviously) and the
hostname command should be executed remotely (printing "host-B" or whatever the remote host's hostname is) , on host-B and then return you to the host-A prompt.
if you have problems logging in w/o password, double-check the permissions on the ~/.ssh dir and the key files. They should be owned by you and the .ssh dir and the private key should only be readable by the owner:
Code:
[user@host-A ~]$ ls -ld .ssh .ssh/id_dsa*
drwx------ 2 user users 4096 Jun 7 12:11 .ssh
-rw------- 1 user users 668 Aug 23 2011 .ssh/id_dsa
-rw-r--r-- 1 user users 618 Aug 23 2011 .ssh/id_dsa.pub
Note that you can leave off the
-oPasswordAuthentication=no option to ssh normally, we're just try to force it to skip that auth mech, if your ssh is configured to use passwords first.