Author Photo

Being a Linux Enthusiast and a Fan of Open Source Software, I created Ahmer’s SysAdmin Recipes blog to share my experiences with other System Administrators. The curiosity doesn’t let me stop; therefore, I am constantly trying to learn new software tools and techniques. Whereas I also have the passion and the patience to teach the others.

I am always ready to accept new challenges and wish to explore the areas, that I haven’t worked on. Please give me your feedback and help me improve this blog.

Saturday, 2 April 2016

Configure Passwordless SSH Logins between Linux servers

Configure Passwordless SSH Logins between Linux serversDuring automation of one server backups to another server known as, offsite backup, our transfer scripts get stuck at the password prompt during the execution of the copy/transfer commands, and the script remains stuck at the password prompt and do not execute any further until a password is provided. Although, it can be overcome by saving the passwords in the scripts, but it is not a recommended practice to save your password in clear text format.

Fortunately, there is a relatively better solution to this problem. We can use the RSA public key based authentication to setup passwordless logins among two or more servers.

In this article, we will configure passwordless authentication between a Linux and a Ubuntu servers.

 

System Specification:

The machine on which we want to login without password.

Hostname: backupserver.test.local
IP Address: 192.168.229.128/24
Operating System: Ubuntu 14.04 LTS Server
Username: backupadm

The machine from which we want to login to backupserver.

Hostname: dbserver.test.local
IP Address: 192.168.229.133/24
Operating System: CentOS 6.5 Server
Username: oracle

 

Configure Passwordless Authentication:

Connect to dbserver and generates a RSA public key without any passphrase.

[oracle@dbserver ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Created directory '/home/oracle/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
ca:2a:87:fc:7b:98:ae:d7:95:b3:35:b3:36:89:db:b4 oracle@dbserver.test.local
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|                 |
|                 |
|        S.       |
|     . .+ +      |
| . . +o. =.=     |
|  + =.o oo=.     |
|  .B=o  .oE.     |
+-----------------+
[oracle@dbserver ~]$

Above command generates two files in the ~/.ssh directory. Transfer the generated RSA public key id_rsa.pub file to backupserver.

[oracle@dbserver ~]$ scp .ssh/id_rsa.pub backupadm@backupserver:/home/backupadm/.ssh/rsa_dbserver_oracle
The authenticity of host 'backupserver (backupserver)' can't be established.
RSA key fingerprint is a2:38:20:d9:f6:93:04:fe:e5:09:cc:5d:b5:9a:7c:4c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'backupserver' (RSA) to the list of known hosts.
backupadm@backupserver's password:
id_rsa.pub                                                           100%  409     0.4KB/s   00:00
[oracle@dbserver ~]$

Now, Connect to backupserver and merge rsa_dbserver_oracle into ~/.ssh/authorized_keys.

backupadm@backupserver:~$ cd .ssh
backupadm@backupserver:~/.ssh$ cat rsa_dbserver_oracle >> authorized_keys

Connect to dbserver and try to connect with backupserver.

[oracle@dbserver ~]$ ssh backupadm@backupserver
Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.13.0-24-generic x86_64)
* Documentation:  https://help.ubuntu.com/
  System information as of Sat Apr  2 21:10:02 PKT 2016
  System load:  0.02              Processes:           246
  Usage of /:   3.6% of 36.54GB   Users logged in:     1
  Memory usage: 16%               IP address for eth0:192.168.229.128
  Swap usage:   0%
  Graph this data and manage this system at:
    https://landscape.canonical.com/
Last login: Sat Apr  2 20:26:45 2016 from dbserver
backupadm@backupserver:~$

Passwordless SSH logins between Linux servers has been configured. Now our scripts do not stuck at password prompt.

Configure Passwordless SSH Logins between Linux servers


YOU MIGHT ALSO LIKE:

2 comments:

  1. Most important thing for installing cluster systems, Thanks for sharing.

    ReplyDelete
    Replies
    1. You are Welcome.
      Indeed you have made the first comment to my blog :). Thanks.

      Delete