setting a password less ssh connection
Kwan Lowe
kwan at digitalhermit.com
Fri May 19 19:54:02 UTC 2006
> You also need to create an account with an empty password to log
> into. It also means that the user can log in locally without using a
> password. (Just hit enter when it asks for a password.) I have not
> tested it, but sshd may still ask for a password, but allow you to
> hit enter when asked. The default setting will not let you connect
> to this type of account using passwords. I believe it will let you
> connect using key pairs. At a guess, I would say it is designed to
> prevent remote logins using a "guest" account that does not require
> a password...
No, you most certainly do not want to create a passwordless account. SSH keypairs,
if configured using the default Fedora SSH server configuration, will work even if a
password is set.
In short:
1) On the local side:
ssh-keygen -t rsa -b 1024 -f identity
Copy the identity and identity.pub files to ~/.ssh
chmod 700 ~/.ssh
chmod 600 ~/.ssh/identity
2) Copy the identity.pub file to the remote server and append to the remote user's
~/.ssh/authorized_keys file
scp identity.pub remoteuser at remotehost: (it will prompt for password)
ssh remotehost (it will prompt for password)
cat identity.pub >> .ssh/authorized_keys
chmod 700 ~/.ssh
chmod 644 ~/.ssh/authorized_keys
rm identity.pub
3) Logout from the remote host then test:
ssh remoteuser at remotehost hostname
It should respond with the hostname of the remote.
If the remote host is running another SSH version (e.g., Tectia) then this will need
to be modified slightly.
--
* The Digital Hermit http://www.digitalhermit.com
* Unix and Linux Solutions kwan at digitalhermit.com
More information about the fedora-list
mailing list