How to login to the server from the client machine without using the password?

Generally, the system administrators do the operations on the multiple servers at a time. We have to provide the password for every system while logging to the system. A person generally annoys to give the login credentials every time.

The admin can generate the public and private key and the public key can be copied into the client machines. This public key in the client machine can act as the authorized credential to the server.

The public key encrypts the login credentials and the private keys decrypts the login credentials and provides access to the server machine.

 

Configuration of ssh keys:

• Generate the ssh key pair as follows

[root@sys1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):

 

• System asks for the location to store the keys. By pressing enter the keys are stored in /root/.ssh directory. After that it asks for the passphrase.

[root@sys1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):

 

• This passphrase is used in the place of the password. Enter your own passphrase two times and press enter.

Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ad:99:b7:9d:aa:70:d6:8a:d3:63:1c:4b:d5:95:a4:78 root@sys1.ithonours.com
The key's randomart image is:
+-[ RSA 2048]--+
|        ...   |
|       . .o   |
|       ..E.   |
|       ....   |
|        S..   |
|         o=   |
|      .+*oo   |
|   .=*o o .   |
|    .oooo.o   |
+--------------+

 

• Now the key pair is successfully generated. Check the key pair in /root/.ssh.

[root@sys1 ~]# cd /root/.ssh/
[root@sys1 .ssh]# ls
id_rsa id_rsa.pub known_hosts

 

In the above output the highlighted files are the keys. The file with the extension .pub is the public key and the other is the private key.

 

• Copy the public key to the client machine we can copy this file as follows by using the command ssh-copy-id -I <publickey location> <clients IP address>

[root@sys1 .ssh]# ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.1.8

 

From the above command the key is copying into the client machine having the ip address 192.168.1.8.

[root@sys1 .ssh]# ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.1.8
root@192.168.1.8's password:
Now try logging into the machine, with "ssh '192.168.1.8'", and check in: .ssh/authorized_keys

 

To make sure we haven't added extra keys that you weren't expecting.

• Check the client machine weather the key is copied or not.

[root@sys2 ~]# cd /root/.ssh
[root@sys2 .ssh]# ls
authorized_keys known_hosts

 

• Now login to the client machine my client machine’s ip address is 192.168.1.8

[root@sys1 .ssh]# ssh 192.168.1.8
Enter passphrase for key '/root/.ssh/id_rsa':
To login we have to provide the pass phrase.
[root@sys1 .ssh]# ssh 192.168.1.6
Enter passphrase for key '/root/.ssh/id_rsa':
Last login: Mon Mar 21 12:53:53 2016 from 192.168.1.46

 

Now we are success fully logged into the remote machine.

After doing all this configuration a doubt may raise to you that is here we are providing a pass phrase then what is the difference. This is similar to the normal login right!

It is different because during the configuration there is no need to give the passphrase. But for the minimal security we are providing the passphrase.

 

Topics Summary