var sidebar_align = 'right';
var content_container_margin = parseInt('350px');
var sidebar_width = parseInt('330px');
how do i setup instant login to ssh from my local to remote (ssh) without needing to type any login info? Would I use ssh keys or something?
yes, you need to use a key. could you detail please what kind of OS you use on your PC you access from? so I can advise what you need to do to set up it.
you can type "man ssh-keygen" and review all its options.
in two words you can do the following:
"/usr/bin/ssh-keygen -t rsa"
and press "enter" on all its questions.
at the end it will create 2 files in the folder "/root/.ssh":
"id_rsa" is your private key. permissions must be 600 and to restrict
access for other users.
"id_rsa.pub" is your public key that is used on a remote machine.
you need to copy the contents from "id_rsa.pub" into /root/.ssh/authorized_keys on
your remote machine.
so you are ready and can access from the first machine to another without authorization.
also I do advise to check ssh options to limit access to your remote
machine by "hosts" that use your key in case if the private key is stolen
Don't hesitant to ask if you have any other questions.
I did as shown above and restarted ssh.
It still prompted for login (I'm using putty on windows xp)
Is this normal?
[email protected] [~]# /usr/bin/ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
[actual fingerprint here]
[email protected] [~]# nano id_rsa.pub
[email protected] [~]#
[email protected] [~]# nano /root/.ssh/id_rsa.pub
[email protected] [~]# nano /root/.ssh/authorized_keys
[email protected] [~]# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
[email protected] [~]#
ohh wait. Do you access from windows xp PC to a linux?
I thought it was linux -> linux
Yes local (windows vista to be exact, using putty) to remote (linux, centos 4)
That advice was for linux -> linux.
Now for for Windows -> Linux
along with putty, you need to download "pageant.exe" and "puttygen.exe"
1) run puttygen.exe, set key type to SSH-2RSA and create keys.
It will create a public and private key.
In the field "Key passphrase" enter a password, remember it and
save both of the keys.
2) now take your public key from the saved file and put
it into the file "/root/.ssh/authorized_keys" on your linux server.
It must look like:
<<make sure it it is only one string! otherwise the key won't be recognized by ssh.>>
also you don't need to restart ssh.
3) now on your windows PC run pageant.exe and load from there the
saved private key. It will ask your password for this key only
If everything was done correctly you must be able now to log into your
linux server without any authorization.
in the same way you can put the created public_key on your other linux
servers, you don't have to create a new one.
And take care of your private key
Just for the record, you'll still have to enter your username
only one time when you load a private key into "pageant".
To avoid it just don't set up your "Key passphrase". But I don't advise to
do that because anyone else will be able to use your private key if
It didn't work. Still prompts with
Also, the public key created from puttgen looked like this
Also, I have direct root disabled and using a custom port but I know this should not matter.
---- BEGIN SSH2 PUBLIC KEY ----
---- END SSH2 PUBLIC KEY ----
Last edited by r00t pAsSw0rd; 10-04-2006 at
I just use SecureCRT and save the user/password and it logs in automatically..
PuTTy will ask you for the username. SecureCRT saves your information automatically.
I'm confused. So if putty is going to ask me for the username, then what is the purpose of all this I'm doing? Which username would I use? The wheelgroup? It asks for a password too.
Yeah now that IS confusing.
What the hell does the wheelgroup have to do with ssh login??
Just get SecureCRT, type in the ip of the server, hit connect, type in user and password, check the little box at the bottom left 'save password'
badabing badaboom done
Guy, have you read my post? I asked to use "pageant" it keeps your key and you won't have to enter its password every time.
your public key on your server must look like:
Not as two strings, just one.
Here's a little somethin' for all you PuTTY users out there...
Let me repet myself:
I have direct root disabled on the box. I generated a public / private key and copied the public into AS IS, one line for sure inside
I loaded pageant, added the private key successfully. I opened putty and went to my IP / custom port and it loaded up asking for login information again.
Why does it still ask for login information when the key is properly loaded remotely and locally?
For the record, stop suggesting secure crt. Your starting to sound like a sales person.
Last edited by r00t pAsSw0rd; 10-06-2006 at
Did you look at the logfile to see why sshd prompted for a password? Usually in /var/log/secure or /var/log/messages.
And when you say you disabled 'direct root', are you saying you set PermitRootLogin to no in the sshd.conf ?
If this is the case, put the authorized_keys file into the .ssh folder of the user you are logging in as. Also make sure that user owns the file, and it does NOT have group/world read/write (chmod 700 authorized_keys)
And there was a screenshot posted of where to put the username to auto-login with (so it wont' prompt for a username)
" And when you say you disabled 'direct root', are you saying you set PermitRootLogin to no in the sshd.conf ?"
Yes, permitrootlogin no
" If this is the case, put the authorized_keys file into the .ssh folder of the user you are logging in as"
Where would I find this?
In this directory?
I see this...
drwx------ 2 root root 4.0K Oct 6 15:41 ./
drwxr-x--- 21 root root 564K Oct 6 03:38 ../
-rw-r--r-- 1 root root 900 Oct 6 14:45 authorized_keys
-rw-r--r-- 1 root root 633 Sep 24 08:42 authorized_keys2
-rw-r--r-- 1 root root 223 Aug 14 12:51 known_hosts
If you have disabled root, who have you been ssh'ing in to your server as?
Once you figure out which user you are using, place the authorized_keys into their ~user/.ssh folder, and make sure they own the file, and chmod it 700.
I ssh in with the wheelgroup user first and its password, then su - into root mode with root password. That is how.
cp ~root/.ssh/authorized_keys ~wheelgroup/.ssh
chown -R wheelgroup ~wheelgroup/.ssh
chmod 700 ~wheelgroup/.ssh/authorized_keys
Ok, it got me in through the wheel user, but now it still wants the root password