I am new to Ubuntu-Linux,i have to create a ssh user in remote system and generate its key. and access this system by key_file through the command.
ssh -i key_file user#host
Can any body tell me how can i do ?
On the system you are trying to connect to, the public key (usually id_rsa.pub or something similar) needs to be added to the authorized_keys file.
If the user is brand new and the authorized_keys file doesn't exist yet, this command will create it for you.
cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
Next just make sure sshd is running on the host and you should be able to connect with the command you posted.
on remote-server-
ssh-keygen
ssh-copy-id user#host
cd .ssh
make a copy of the file id_rsa and give any body who want to access this server/system.
on the other system
ssh -i id_rsa user#host
If you want to connect to another host as user "user", what you need is the public key of the user that is going to open that connection, i.e. the user you are logged in on your desktop computer or some server you are coming from, not for the user, you are logging in to on the remote host.
You can check, if the keys for your current user are already created in $HOME/.ssh; there you should find something like "id_rsa" and "id_rsa.pub" (for rsa keys). If they don't exist, you create them by calling
ssh-keygen -t rsa
The public key that is generated that way, id_rsa.pub in this example, has to be put in a file ${HOME of user on remote host}/.ssh/authorized_keys on the target host.
If this file does not exist on the remote host or if even .ssh does not exist, you have to create those files with the following permissions:
.ssh 700
.ssh/authorized_keys 600
See http://www.openssh.com/faq.html#3.14 for details.
A detailed description of the process can be found here:
https://help.github.com/articles/generating-ssh-keys/
Related
How can I create an ssh key from Windows and install it on a Linux host using OpenSSH to log in without a password for each connection?
CREATE AND INSTALL SSH KEY
First of all, we need to create a new key in the Windows pc (where we start the connection) using:
ssh-keygen -t rsa
Don't change the default path or remember where you saved the key, it will be used for the next command.
Press enter another two times to avoid using a passphrase (if you don't want it).
After that, if you haven't change the default path, the key will be created into {USERPROFILE}\.ssh\id_rsa.pub.
Now, you can usually use the command ssh-copy-id for installing the key on the remote host, but unfortunately this command is not available on Windows, so we have to install it using this command:
type $env:USERPROFILE\.ssh\id_rsa.pub | ssh {REMOTE_HOST} "cat >> .ssh/authorized_keys"
or if your key is not in the default path:
type {RSA_KEY_PATH} | ssh {REMOTE_HOST} "cat >> .ssh/authorized_keys"
and replace the {RSA_KEY_PATH} with your RSA path.
Replace {REMOTE_HOST} with the remote host IP/Name (like pi#192.168.0.1), launch the command, insert the password if required, and the work is done!
IMPORTANT!
SETTING UP .ssh FOLDER
If the ~/.ssh folder is not existing in your remote host, you need to configure them, this is usually done by the command ssh-copy-id, but we can not access to this power from Windows!
You need to connect to the remote host in ssh and create the .ssh directory and the authorized_keys file for the first time:
ssh {REMOTE_HOST}
Create the .ssh directory:
mkdir ~/.ssh
Set the right permissions:
chmod 700 ~/.ssh
Create the authorized_keys file:
touch ~/.ssh/authorized_keys
Set the right permissions:
chmod 600 ~/.ssh/authorized_keys
NOTE
The authorized_keys is not a folder, if you try to create it using mkdir, the SSH connection passwordless will not work, and if you debug the ssh on the host, you will notice an error/log similar to:
~/.ssh/authorized_keys is not a key file.
ADD YOUR SSH KEY ON YOUR AGENT
Run those two lines on your Windows pc to add the created key on your cmd/powershell:
ssh-agent $SHELL
ssh-add
I am creating a bash script that trying to connect to a remote server, but it requires to enter a password, I wrote the following script:
ssh HostIP
expect "password:"
send "password"
but it connects and gives "user#HostIP's password:", so the send command is not writing any password to the screen....what should I do to make it work?
Writing passwords in file(s) or scripts is NEVER a good practice. Why don't you give a try to password less authentication from one server to another.
Simple steps:
I- generate the RSA public and private keys from command ssh -keygen -t rsa to your server1.
II- Now create .ssh directory in your another server(server2)'s home dorectory with correct permissions.
III- Create file named authorized_keys on server2.
IV- Open file named authorized_keys on server2 and copy file named id_rsa.pub from server1 to server2.
V- Set permissions to 640 to ~/.ssh/authorized_keys now.
VI- try to login to server2 now by doing:
ssh user#server2
Here is a nice link which could tell you about same too.
https://www.tecmint.com/ssh-passwordless-login-using-ssh-keygen-in-5-easy-steps/
Once passwordless authentication is set from server1 to server2 with ssh then you could simply execute all ssh commands in your script which you want to run on another server.
You can do it with sshpass like :
sshpass -p **your_password** ssh user#HostIP
If sshpass is not already installed, you can install it and make the first connection in bash console for "the yes confirmation"
On my Windows 10, I am running into the problem of not being able to connect to m Vagrant virtual machine via ssh user with public key authentication method at git bash using command such as
$ ssh -v lauser#127.0.0.1 -p 2222 -i ~/.ssh/id_rsa
I would be prompted for password, as if the public key I copied to in the ~/.ssh/Authorized_keys file inside the vm were not seen. Meanwhile,the password authentication method works, as well as 'vagrant ssh'.
I have made sure to
create key pairs locally, create a .ssh directory at the remote, and add pub key string to the remote's .ssh /authorized_keys file; both the .ssh and the .ssh /authorized_keys file are owned by the user(lauser), and set at 700 and 644
edit the /etc/ssh/sshd_config file on vm to use
RSAAuthentication yes
PubkeyAuthentication yes
and restarted the sshd server (with 'sudo service ssh restart').
verify that firewall has been disabled temporarily to eliminate any complication.
verify that there is only one vm running, all others are either in 'suspend' or 'halt' mode.
confirm the file type by 'file ~/.ssh/authorized_keys', and get confirmation '~/.ssh/authorized_keys: OpenSSH RSA public key'
verify that the keys match by comparing the output from 'sudo cat ~/.ssh/authorized_keys' in vm and the output from ' cat ~/.ssh/id_rsa.pub' at the local.
but still I get Permission denied (publickey) when trying to connect through public key authentication.
It sounds like you've done everything correctly so far. When I run in to this problem, it's usually due to directory permissions on the target user's home directory (~), ~/.ssh or ~/.ssh/authorized_keys.
See this answer on SuperUser.
I faced same challenges when the home directory on the remote did not have correct privileges. Changing permissions from 777 to 744 helped me
i need to make passwordless login for same linux server with same user.
[airwide#eir ~]$ hostname -i
10.3.7.73
[airwide#eir ~]$ ssh airwide#10.3.7.73
airwide#10.3.7.73's password:
how can make to passwordless for same server?
Password-free login via SSH is managed using SSH keys. You can generate a keypair using the command ssh-keygen. The ssh keypair is usually stored in ~/.ssh in a pair of files named id_rsa and id_rsa.pub. When you use SSH to connect to a server, the SSH command will look for a private key in ~/.ssh/id_rsa, and will attempt to authenticate using that key. In order to authorize the key, you will need to place the public key into your authorized_keys file:
`cat ~/./ssh/id_rsa.pub >> ~/.ssh/authorized_keys`
Once you've done that, you will be able to use SSH to connect without a password from the server where the id_rsa file is to the server that has the content of id_rsa.pub in its authorized_keys file. (You can do this for same-server, as in your question, or between multiple servers. Either way, it's the same process.)
Add server's private key in known host key under .ssh folder.
You are looking for ssh keys. You can create one by entering ssh-keygen. This wil create a public key and a private key. You place the public key on the remote server, and then you can use SSH without a password.
More details, and howto:
https://wiki.archlinux.org/index.php/SSH_keys
I want to setup an ssh key in a machine of Linux running under AWS in EC2 cloud.
For that firstly, I installed cygwin, then I followed the following steps :
ssh-keygen -t dsa -f ~/.ssh/<key name> -C "<username of remote server>#<ip>"
cat ~/.ssh/<key name>.pub | ssh <username of remote server>#<ip> "cat >> ~/.ssh/authorized_keys"
Now the 1st statement executes successfully but the 2nd statement shows
bash: /home/<username of server>/.ssh/authorized_keys: No such file exists
Prior to this, I connected to the remote machine in root mode and created the user, that I am specifying at the command 1, 2 (username)
And I saw that the file is not present in the remote server for the user I created explicitly, but it is present for the user root.
bash: /home//.ssh/authorized_keys: No such file exists
When you create a new user, the ~/.ssh directory is not created by default. You will have to create the ~/.ssh/ directory and ~/.ssh/authorized_keys file yourself.
On your server, check whether ~/.ssh or ~/.ssh/authorized_keys exists. Looking at the error you have, it seems that it does not.
When you create a new linux instance, you specify a key pair that you want to use. You have a choice of creating a key pair, and downloading the public key, or uploading a private key.
In your steps, you never reference the key pair you specified when you created the instance. So the 2nd command should be something like:
cat ~/.ssh/<key name>.pub | ssh -i ~/.ssh/<key specified when launching instance> ec2-user#<public id> ...
ec2-user may be different depending on what AMI you used to create your instance - ubuntu is the default user for ubuntu instances, for example.