Friday 22 November 2019

How to Configure Password Less Authentication on CentOS 7

In some certain reason, password less authentication is require on remote machine which helps to access the remote machine without entering the password for login, deployment and management purpose.
This article describes How to Configure Password Less Authentication on CentOS7

Step 1. Generate SSH Key: Generate random SSH RSA key on source machine:

[root@linuxcnf ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/
The key fingerprint is:
SHA256:gdfRD4dc5CVxL+A4w43rfXdsyvEgB00cF4x1FhDlP root@linuxcnf
The key's randomart image is:
+---[RSA 2048]----+
|      .++*+*. .  |
|     . ++oO+=o.. |
|      = +.*O.oE..|
|       + =+=o  +o|
|        S *  o +.|
|         B    + o|
|        +      . |
|         .       |
|                 |
[root@linuxcnf ~]#

Step 2. Copy Key: Copy the key to the remote machine using ssh-copy-id command:

[root@linuxcnf ~]# ssh-copy-id user1@lc-node1
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/"
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ceph@lc-node1's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'user1@lc-node1'"
and check to make sure that only the key(s) you wanted were added.

[root@linuxcnf ~]#

Step 3. Set Default User: Put the below entries on ~/.ssh/config file to use user user1 as default password less login on remote machine:

[root@linuxcnf ~]# vi ~/.ssh/config
Host lc-node1
   Hostname lc-node1
   User ceph
 [root@linuxcnf ~]#

Change permission of the file:

[root@linuxcnf ~]# chmod 644 ~/.ssh/config
[root@linuxcnf ~]#

Step 4. Verify Password Less Login: Validate password login on remote machine:

[root@linuxcnf ~]# ssh lc-node1
[ceph@lc-node1 ~]$ exit
Connection to lc-node1 closed.
[root@linuxcnf ~]#

Done!!! Password Less Authentication configuration has been done.

No comments:

Post a Comment