Openssh

From Bashlinux
Revision as of 02:47, 18 June 2010 by Manpaz (talk)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

OpenSSH

Remote login with no password

  1. Generate a DSA key
 # ssh-keygen -t dsa
 
Hit <ENTER> to accept the default options
  1. Copy the look at your `.ssh` folder and copy the `.pub` file on the remote server in the account you are trying to login
 # scp .ssh/id_rsa.pub user@remote_host:
  1. Login in the remote host and add the key in the `authorized_keys` file:
 # cat id_rsa.pub >> .ssh/authorized_keys
 
# Ensure the proper ownership on each folder


 # chmod 700 /home/user
 # chmod -R 600 .ssh


No SSH prompt on automatic login

SSH check for the Host key every time the user try to login, if the server is not listed on `.ssh/known_hosts` or is listed but the fingerprint key is different, then ssh will prompt you either if you want to add the key to you known hosts list or that you can't connect because the fingerprint key doesn't match.

This can create conflict when a command which is executed from a script to do an automatic login is trying to access the server and finds any of the above situations, the script just hangs and is because the prompt is waiting for an answer, from the user.

To avoid this situation just disable the Host key checking option in openssh config. Is recommended to do this only in the user account which is executing the script, setting this option in the global configuration might can create a security issue.

The file is located at `/home/user/.ssh/ssh_config`, create the file if already doesn't exists and add the following line: 

 StrictHostKeyChecking no
Retrieved from "http://wiki.bashlinux.com/index.php?title=Openssh&oldid=298"