Why should I configure SSH without password
should I configure SSH without password?
Some packages like openMosix(a Cluster Sofware) requires to execute
commands remotely on other cluster nodes to get process list of
remote host. For remote executing commands it uses rsh/ssh. SSH is
definitely secure that rsh. But SSH must be configured for root to
logging into remote system without password. SSH is secure even if
you use it to login without being prompted for a password. Here is a
one way to configure it.
first a running secure-shell daemon on the remote site is required.
If it is not already running start it with:
you have to generate a keypair for SSH on your local computer whith
will be prompt for a passphrase for that keypair. The passphrase
normally is longer than a password and may be a whole sentence. The
keypair is encrypted with that passphrase and saved in
NOT give your private-key to anybody!!! Now copy the whole content of
/root/.ssh/identity.pub (your public-key which should be one long
line) into /root/.ssh/authorized_keys on the remote host. (also copy
the content of /root/.ssh/identity.pub to your local
/root/.ssh/authorized_keys like you did it with the remote-node
because openMosixview needed password-less login to the local-node
you ssh to this remote host now you will be prompted for the
passphrase of your public-key. Giving the right passphrase should
give you a login.
is the advantage right now??? The passphrase is normally a lot longer
than a password! The advantage you can get using the ssh-agent. It
manages the passphrase during ssh login.
ssh-agent is started now and gives you two environment-variables you
should set (if not set already). Type:
see if they are exported to your shell right now. If not just cut and
paste from your terminal. e.g. for the bash-shell:
for the csh-shell:
setenv SSH_AGENT_PID 1066
these variables the remote-sshd-daemon can connect your local
ssh-agent by using the socket-file in /tmp (in this example
/tmp/ssh-XXYqbMRe/agent.1065). The ssh-agent can now give the
passphrase to the remote host by using this socket (it is of course
an encrypted transfer)!
just have to add your public-key to the ssh-agent with the ssh-add
you should be able to login using ssh to the remote host without
being prompted for a passwod!
could (should) add the ssh-agent and ssh-add commands in your
it is started when you login on your local workstation. You have done
it! I wish you secure logins now.