Tired of keying in a password every time you SSH into your neighboring machines? Here we'll discuss a very simple implementation of key-based authentication for SSH.
To explain this further, I'm creating two different user accounts on two systems as below:
System 1 --> Mandriva 2007.0 --> Host Name "mdv2007" --> Users (anand & geek)
System 2 --> RHEL 5 --> Host Name "rhel5" --> Users (anand & geek)
The table below summarizes the setup:
System    OS               Host Name               Users  Home Directory
System 1  Mandriva 2007.0  mdv2007.geekbrains.com  anand  /home/anand
System 1  Mandriva 2007.0  mdv2007.geekbrains.com  geek   /home/geek
System 2  RHEL 5           rhel5.geekbrains.com    anand  /home/anand
System 2  RHEL 5           rhel5.geekbrains.com    geek   /home/geek
Please ensure the following:
Ensure that OpenSSH is installed on both hosts.
Ensure that the firewall permits SSH connections.
Ensure that the hosts can be resolved by hostname (either by DNS or by /etc/hosts); otherwise we may need to use IP addresses instead of host names.
The following tasks are performed to achieve our goal:
I logged into “rhel5.geekbrains.com” as user “anand”
I generated an RSA key pair by running “ssh-keygen -t rsa”
[anand@rhel5 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
It will prompt you for a location to save the generated key, like this
Enter file in which to save the key (/home/anand/.ssh/id_rsa):
Created directory '/home/anand/.ssh'.
Set the passphrase when prompted
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/anand/.ssh/id_rsa.
Your public key has been saved in /home/anand/.ssh/id_rsa.pub.
The key fingerprint is:
6b:fd:9f:1b:c5:ed:6e:32:a9:88:ba:e3:41:5c:b3:90
You can change to the directory “.ssh” to verify those two newly created files
[anand@rhel5 ~]$ cd .ssh
[anand@rhel5 .ssh]$ ls
id_rsa  id_rsa.pub
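I copied the RSA public key to my Mandriva machine “mdv2007.geekbrains.com”
I changed the file permissions so that only the owner can write to the file (mode 644 leaves it readable by other users; 600 would restrict reading to the owner as well)
[anand@mdv2007 .ssh]$ chmod 644 authorized_keys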
I logged out of the SSH session on “mdv2007”
[anand@mdv2007 .ssh]$ exit
logout
Connection to mdv2007 closed.
I logged into “mdv2007” again through SSH
[anand@rhel5 ~]$ ssh -l anand mdv2007
However, this time, instead of being prompted for a password, I was prompted for the passphrase of my key.
Enter passphrase for key '/home/anand/.ssh/id_rsa':
Enter passphrase for key '/home/anand/.ssh/id_rsa':
Last login: Wed Feb 28 21:06:27 2007 from rhel5
I logged out again from “mdv2007”
[anand@mdv2007 ~]$ exit
logout
Now, to take key-based authentication a step further, on the “rhel5” host I ran the following command to start “ssh-agent”, which holds the unlocked key and answers authentication requests on my behalf
[anand@rhel5 ~]$ ssh-agent bash
I added my private key to the agent for authentication
[anand@rhel5 ~]$ ssh-add .ssh/id_rsa
Enter passphrase for .ssh/id_rsa:
Identity added: .ssh/id_rsa (.ssh/id_rsa)
I tried to log in to “mdv2007” again
[anand@rhel5 ~]$ ssh -l anand mdv2007
Last login: Wed Feb 28 21:08:12 2007 from rhel5
This time I wasn't prompted for a passphrase or a password at all
[anand@mdv2007 ~]$ exit
logout
Now, in order to allow the connection only from the host "rhel5", I edited the "authorized_keys" file to include the "from" field.
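As an added example (not part of the original post), the following script shows one way to carry out the server-side steps described above: append a public key to "authorized_keys" with a from="..." restriction and set the stricter 700/600 permissions. The function names and the sample key are constructed for illustration; the host name is the one used in this walkthrough.

```shell
#!/bin/sh
# Added example (not from the original post): install a public key on the
# server side with a from="..." restriction and tight permissions.

# Constructed placeholder, not real key material.
SAMPLE_PUB='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCONSTRUCTEDPLACEHOLDER anand@rhel5'

# restrict_key HOST: read authorized_keys lines on stdin, write them to
# stdout with from="HOST" added to every key that has no from= option yet.
restrict_key() {
    host=$1
    while IFS= read -r line; do
        case $line in
            ''|'#'*)            printf '%s\n' "$line" ;;  # blank or comment
            from=*|*,from=*)    printf '%s\n' "$line" ;;  # already restricted
            ssh-*|ecdsa-*|sk-*) printf 'from="%s" %s\n' "$host" "$line" ;;  # bare key
            *)                  printf 'from="%s",%s\n' "$host" "$line" ;;  # other options present
        esac
    done
}

# install_key HOME_DIR HOST PUBKEY_FILE: append the restricted key to
# HOME_DIR/.ssh/authorized_keys; directory mode 700, file mode 600.
install_key() {
    dir=$1; host=$2; pub=$3
    mkdir -p "$dir/.ssh" && chmod 700 "$dir/.ssh"
    restrict_key "$host" < "$pub" >> "$dir/.ssh/authorized_keys"
    chmod 600 "$dir/.ssh/authorized_keys"
}

# count_unrestricted FILE: number of key lines that carry no from= option.
count_unrestricted() {
    awk '/^[ \t]*#/ || /^[ \t]*$/ { next }
         /^from="/ || /,from="/   { next }
         { n++ } END { print n+0 }' "$1"
}

# Demo: print the restricted form of the sample key.
printf '%s\n' "$SAMPLE_PUB" | restrict_key rhel5.geekbrains.com
```

sshd matches host names in from= only when it resolves client names (UseDNS yes); with UseDNS no, the default in current OpenSSH releases, use the client's IP address in the pattern instead.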