SSH

From Bashlinux
Jump to: navigation, search

OpenSSH

How to login remotely with no password

  • Generate a DSA key
# ssh-keygen -t dsa
  • Hit <ENTER> to accept the default options
  • Copy the look at your .ssh folder and copy the .pub file on the remote server in the account you are trying to login
# scp .ssh/id_rsa.pub user@remote_host:
  • Login in the remote host and add the key in the `authorized_keys` file:
# cat id_rsa.pub >> .ssh/authorized_keys
  • Ensure the proper ownership on each folder
# chmod 700 /home/user
# chmod -R 600 .ssh

How to avoid SSH prompting on automatic login

SSH check for the Host key every time the user try to login, if the server is not listed on .ssh/known_hosts or is listed but the fingerprint key is different, then ssh will prompt you either if you want to add the key to you known hosts list or that you can't connect because the fingerprint key doesn't match.

This can create conflict when a command which is executed from a script to do an automatic login is trying to access the server and finds any of the above situations, the script just hangs and is because the prompt is waiting for an answer, from the user.

To avoid this situation just disable the Host key checking option in openssh config. Is recommended to do this only in the user account which is executing the script, setting this option in the global configuration might can create a security issue.

The file is located at ~/.ssh/ssh_config, create the file if already doesn't exists and add the following line:

StrictHostKeyChecking no

How to SSH using host aliases

Alias from bashrc doesn't work on ssh. Let say I'm doing a ssh to a remote host in the folowing way:

# ssh myuser@thislongnameforadomain.com

But I want to reduce it to a short alias like foo, then I need to create/edit ~/.ssh/config file and add the following lines:

Host foo
    Hostname thislongnameforadomain.com
    User myuser

Then on next time, ssh to this terminal will be as easy as type

# ssh foo

PuTTY

An excelent ssh client for Windows. To get it running just:

  • Google it
  • Download it
  • Run it

No installation is required as it is an standalone binary.