top of page
DBAGenesis_png.png

Setup Passwordless SSH in Linux

Every time you ssh from one Linux server to another, you need to enter target server user's password. We can also setup passwordless ssh in Linux between two Linux servers so that you don't have to enter password for the target server user.


Overview


We have two Linux servers (192.168.1.181 and 192.168.1.182) and we will be setting ssh without password between the two Linux servers for root user.


Note: the process remains exactly same for setting up passwordless ssh for any other user in Linux.


Verify Existing SSH-Keys


It is a good idea to first check if ssh-keys are already generated on Linux server. You can always re-use the existing ssh keys and regenerating ssh keys will not be a good idea.


Let us check ssh-key on our servers (192.168.1.181 and 192.168.1.182)

On 191.168.1.181
================
ls -al ~/.ssh/id_*.pub

On 192.168.1.182
================
ls -al ~/.ssh/id_*.pub

If you see existing ssh keys then, skip the next step and move to Add SSH-Keys

Else, proceed below!



Generate SSH-Keys


In each server, generate the ssh keys using ssh-keygen utility in linux

On 192.168.1.181
================
ssh-keygen

Enter file in which to save the key (/root/ .ssh/id_rsa): [Press enter key] 
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Press enter key] 
Your identification has been saved in /root/ .ssh/id_rsa. 
Your public key has been saved in /root/ .ssh/id_rsa.pub.

On 192.168.1.182
================
ssh-keygen

Enter file in which to save the key (/root/ .ssh/id_rsa): [Press enter key] 
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Press enter key] 
Your identification has been saved in /root/ .ssh/id_rsa. 
Your public key has been saved in /root/ .ssh/id_rsa.pub.


Add SSH-Keys


View the ssh keys on 192.168.1.181 server and copy them to notepad

On 192.168.1.181
================
cat ~/.ssh/id_rsa.pub

View the ssh keys on 192.168.1.182 server and copy them to notepad

On 192.168.1.182
================
cat ~/.ssh/id_rsa.pub

Your keys must look like below on notepad

setup passwordless ssh in linux - linux ssh key rsa

Copy the above keys from notepad and put it under .ssh/authorized_keys file on both server

On 192.168.1.181
================
vi ~/.ssh/authorized_keys     --> paste keys from notepad

On 192.168.1.182
================
vi ~/.ssh/authorized_keys     --> paste keys from notepad


Set Permissions


Give permissions to .ssh and authorized_keys file on both servers

On 192.168.1.181
================
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

On 192.168.1.182
================
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys


Test Passwordless SSH


Let's connect from 192.168.1.181 to 192.168.1.182 to check if ssh without password is working

On 192.168.1.181
================
ssh root@192.168.1.182

The authenticity of host '192.168.1.182 (192.168.1.182)' can't be established. ECDSA key fingerprint is SHA256:6yPNygL8ho6JKSlz54LFRzDSNf6UdBUQZcsWaqig738. ECDSA key fingerprint is MD5:c0:28:a8:2e:77:86:bb:cd:07:e4:c9:8e:3b:8f:de:43. [Enter yes Here] yes

Let's connect from 192.168.1.182 to 192.168.1.181 server

On 192.168.1.182
================
ssh root@192.168.1.181

The authenticity of host '192.168.1.181 (192.168.1.181)' can't be established. ECDSA key fingerprint is SHA256:6yPNygL8ho6JKSlz54LFRzDSNf6UdBUQZcsWaqig738. ECDSA key fingerprint is MD5:c0:28:a8:2e:77:86:bb:cd:07:e4:c9:8e:3b:8f:de:43. [Enter yes Here] yes

Done! we have a passwordless ssh login setup done for the root user.



Further read

Become a top notch dba with DBA Genesis
Become a DBA with DBA Genesis.png
bottom of page