- generate on your LOCAL machine a keypair with: ssh-keygen -t rsa (dont type in any password, just keep hitting enter)
- make sure your private key resides under ~/.ssh (under windows this can be under c:\documents and settings\yourname\.ssh or under c:\cygwin\home\yourname depending on your ssh-keygen tool which you need to download
- file transfer the PUBLIC key to the machine you which to automatically logon to. Under the directory ~/.ssh (create it if necessary) concatenate your public key with the file authorized_keys (create file if needed)
- make sure the authorized_keys is not read or modifiable by group or others my doing chmod 700 ~/.ssh/authorized_keys
- make sure the ~/.ssh directory on the REMOTE machine is not read or modifiable by group or others my doing chmod 700 ~/.ssh
- You may need to enable empty password authentication (need root access) on the REMOTE machine in the config file sshd_config. Make "permitemptypasswords yes". Restart SSH Daemon on REMOTE.
- On some machines, you may also need to make sure your HOME directory is not writable by group or world. Type chmod 700 ~
Hi, I have followed your instructions to the letter to allow passwordless scp from serverA to serverB and from serverB to serverA. It works from serverA to serverB but not from serverB to serverA. The permissions are the same on both side. Any suggestions?
Inorder to get it to work from ServerB to ServerA, you have to redo the steps on ServerB. Hope this helps
Hi, I did redo the same steps on the serverB.
I have done as you have suggested - and it works perfectly from the command prompt. Thank you. It does not work, though, once run from the cron. Environment is set within the script. Do you have any ideas?
There is a way you can do this without exchanging keys at all. It requires ssh and the unix shell "sh". ------------------------ USERNAME=$1 HOSTNAME=$2 PASSWORD=$3 shift;shift;shift CMD=$@ #handle the "unknown fingerprint" issue #first, delete any existing fingerprint so we don't get "bad fingerprint" grep -v $HOSTNAME ~/.ssh/known_hosts > /tmp/known_hosts mv /tmp/known_hosts ~/.ssh/known_hosts #fix /etc/ssh/ssh_confif #take out any reference to our variable: StrictHostKeyChecking grep -v StrictHostKeyCheck /etc/ssh/ssh_config > $SSH_CONFIG echo "StrictHostKeyChecking no" >> $SSH_CONFIG #handle the password PROG="/tmp/sshp.askpass" export SSH_ASKPASS=$PROG echo "#! /usr/bin/env sh" > $PROG echo "echo \"$PASSWORD\"" >> $PROG chmod +x $PROG if [ -z "$DISPLAY" ]; then export DISPLAY=":0.0" #display must be set for askpass to work fi #run ssh in new session to detatch term. exec setsid ssh $CMD ------------------------
There might be a difference in the /etc/host* files
if u would have written properly..
This worked perfect, thanks. This article is worth a bookmark.
Is this possible to connect from Windows to a unix server?
Great info, thanks!
Thanks a lot. Practical and Concise!
very detailed and useful information, thanks
works like a charm !!, thanks