It is common practice among Linux users to exchange ssh keys between machines so that you can ssh between them without having to authenticate. The manual process for doing this involves taking the public key of the local host (
~/.ssh/id_dsa.pub) and appending it to the
~/.ssh/authorized_keysfile of the remote host you wish to log in without a password.
This process is simple, but requires a few different steps. Luckily, openssh includes a nifty little shell script that will take care of all of the manual steps for you. This script is called
ssh-copy-idand should be available on your Linux distro as long as you are using the openssh client.
In order to use it all you need to do is provide a username and a remote host to log in to. It will then copy your key to the authorized_keys file of the remote host and from then on you should be able to log in without authenticating. This is illustrated below:
[root@F17 ~]# ssh-copy-id email@example.com The authenticity of host '192.168.122.1 (192.168.122.1)' can't be established. RSA key fingerprint is 62:e7:6e:18:b8:29:00:2d:f7:e4:5b:ca:81:76:b3:d9. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.122.1' (RSA) to the list of known hosts. firstname.lastname@example.org's password: Now try logging into the machine, with "ssh 'email@example.com'", and check in: ~/.ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting. [root@F17 ~]# [root@F17 ~]# [root@F17 ~]# [root@F17 ~]# ssh firstname.lastname@example.org [root@media ~]# [root@media ~]#
As you can see no password was needed after exchanging the key.
ssh-copy-idmay give you the following error if no ssh keys have been generated for the system:
[root@F17 ~]# ssh-copy-id email@example.com /bin/ssh-copy-id: ERROR: No identities found
If that happens then you need to use
ssh-keygento generate keys. You can do this non-interactively by using
ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa. Alternatively you can just run
ssh-keygenwith no options and answer questions as they are presented.
Until next time,