How to Setup Secure SSH Without Password on Linux CentOS

Share this Article :

This quick post will show the steps to setup SSH access without password, but with passphrase key on Linux CentOS. After completely performed the following steps, you can ssh from one system to another without specifying any password. This steps has been tested on CentOS 6.3 and may working on other CentOS versions and Redhat Enterprise linux versions as well.

Client = 192.168.1.54
Server = 192.168.1.55

1. Create Public and private keys from openssh and save it :

[[email protected] ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
9c:41:a8:b5:d1:7f:64:c5:91:89:38:bf:5a:4c:30:16 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
|       o. Eo +o+ |
|      +.. * + +  |
|     o o.o B     |
|    . .. o. +    |
|        S  + .   |
|            +    |
|           o     |
|          .      |
|                 |
+-----------------+
[[email protected] ~]# ls -l /root/.ssh/
total 8
-rw------- 1 root root 1743 Oct  4 23:04 id_rsa
-rw-r--r-- 1 root root  411 Oct  4 23:04 id_rsa.pub

2. Change the mode of public key :

[[email protected] ~]# chmod 600 /root/.ssh/id_rsa.pub
[[email protected] ~]# ls -l /root/.ssh/
total 8
-rw------- 1 root root 1743 Oct  4 23:04 id_rsa
-rw------- 1 root root  411 Oct  4 23:04 id_rsa.pub

3. Make a .ssh directory in the home of the user on server :

[[email protected] ~]# mkdir .ssh
[[email protected] ~]# cd .ssh/
[[email protected] .ssh]# pwd
/root/.ssh

4. From Client, transport the key to the server :

[[email protected] .ssh]# scp id_rsa.pub [email protected]:/root/.ssh/
The authenticity of host '192.168.1.55 (192.168.1.55)' can't be established.
RSA key fingerprint is 71:fc:a2:51:b3:ed:bc:7b:68:ec:9e:51:a8:04:ab:fd.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.55' (RSA) to the list of known hosts.
[email protected]'s password:
id_rsa.pub                                                        100%  411     0.4KB/s   00

5. Change the key to authorized key in .ssh folder :

[[email protected] ~]# cd .ssh/
[[email protected] .ssh]# pwd
/root/.ssh
[[email protected] .ssh]# cat id_rsa.pub >>authorized_keys
[[email protected] .ssh]# ls
authorized_keys  id_rsa.pub

View the authorized_keys :

[[email protected] .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqToSfMUihcL/lFA6chuVTO77FAHNJFs102lULCVS8XwLFoDbauHdk61x3/rAHDj1HSFbb/heuHUdRndT1CJvSaK+lZ6mKMqvfqlGBvgcF+9t0+Mx3/8Nwaoy891bmiRV81UA8ywwSGx/hw6+LgLTn0F1dh+bhezdAyIV+WMM6QUW9v6APncLw0EtbZX/IMuJCizT+ka+yUgxRB8nteTKYyG1/fCwo7utKBD9Sypt4VBvMFIcoKhIoTzhAxUDxXwmOGn5mUB8aDLzUsf3eJuGOMLVH/k+zByt6tfZ9V/EFUMOVmXV33XCgewJa6RiUm0aXnmYWd722ju/tZyFqzip1w== [email protected]

6. Now Connect your server without passsword but with the passphrase key :

[[email protected] ~]# ssh [email protected]
Enter passphrase for key '/root/.ssh/id_rsa':
Last login: Thu Oct  4 23:08:17 2012 from 192.168.1.52
[[email protected] ~]#

Leave a Reply