Passwordless authentication or also known as key-based authentication is typically used to connect to servers so let’s see the process to generate one.
Two keys are generated in this process – A public and a private key. The public key will be available on our Linux server and the private key will be exported to our client servers to do passwordless authentication.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
root@node01:~/.ssh# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): yes Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in yes Your public key has been saved in yes.pub The key fingerprint is: SHA256:PkdbnDukhr7t0r08wUsJZkfBZJqpRRZGZkN0G8IcjIA root@gluster01 The key's randomart image is: +---[RSA 3072]----+ | ... O#=*. | | E .*+Ooo | | =.. | | o+... | | So.+=. | | . o ==. | | +.=ooo | | ..=..+. | | o+o oo | +----[SHA256]-----+ root@gluster01:~# |
The public key will be stored in ~/.ssh/authorized_keys, a file in the remote user’s home directory.
Copy the private key to all our servers
|
1 2 3 4 5 6 7 8 |
root@gluster01:~# ssh-copy-id 192.168.11.112 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.11.112's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '192.168.11.112'" and check to make sure that only the key(s) you wanted were added. |
(Visited 3 times, 1 visits today)