How to Configure SSH Passwordless Login on RHEL 7
How to Configure SSH Key Pair Authentication on RHEL 7/CentOS 7/RHEL 8/CentOS 8
SSH stands for Secure Shell or Secure Socket Shell. SSH is a
cryptographic network protocol used to open a shell session securely. It
uses port 22 of the Transmission Control Protocol (TCP) and works from the
transport layer through the application layer of the OSI model. The main
purpose of SSH is to take a remote session securely. With SSH, data is
encrypted between the two computers, that is, the client and the server,
and the protocol also transfers files securely. SSH is the replacement for
insecure terminal protocols such as telnet, rsh (remote shell) and rlogin
(remote login), because it provides a secure channel or tunnel for
connectivity between the client machine and the server machine. For
transferring files, SSH is also a replacement for the File Transfer
Protocol (FTP), due to its security features.
SSH is used to manage Linux-based operating systems with clients such as
PuTTY or Tera Term, as well as routers, virtualization platforms (VMware
vCenter), servers and so on.
SSH Key Pair:
An SSH key pair consists of a private key and a public key. With it, a
user can log in to another system without a password, which works as
single sign-on (SSO). An SSH key pair uses a public-key algorithm to
provide secure authentication without a password. The key pair protects
the access credential by splitting it in two: the public key is stored on
the server where the user wants to take the SSH remote session, and the
private key is stored on the client machine, that is, the user's machine
from which the SSH remote session is taken.
Note: The important point is that the user created for SSH key pair
authentication should have the same name and the same id on both the
server and the client machine.
To create a user named “owais” and set its password on a Linux
operating system (CentOS 7/RedHat 7/CentOS 8/RedHat 8), type the commands
below.
useradd owais
passwd owais
To check the id of user “owais”, type the command below.
id owais
To check the IP address of the host "rhel7", the server on which the user
wants to take the remote session, type the command below.
ip a
Create a user named “owais” on the client machine, which has the hostname
“Redhat7lvm”, with the same name, id and password as on the server host.
From this client machine the user will take the SSH session on the server.
To check the id of “owais” on the client host “Redhat7lvm”, type the
command below.
id owais
To check the IP address of the client machine “Redhat7lvm”, type the
command below.
ip a
To configure the server for SSH key pair authentication, create a key
pair for user “owais” on the SSH server host, so that the common user
“owais” can log in with it. Type the command below. Here the public key
is used on the server and the private key is used on the client.
ssh-keygen -t rsa
If you do not set a password (passphrase) in the above procedure, no
password is needed for ssh from the client machine to the server machine,
or in a script. If you do set one, you must provide it for ssh from the
client machine to the server machine, or in a script.
On the server machine, move the file “/home/owais/.ssh/id_rsa.pub” to the file “/home/owais/.ssh/authorized_keys” for authorization. In other words, rename the file "id_rsa.pub" to "authorized_keys" in the directory ".ssh".
mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
To move the secret key from the server machine to the client machine, so
that login works with key authentication, that is, without a password,
follow this procedure.
Create a directory “.ssh” in the user's home location “/home/owais/” on
the client machine.
mkdir ~/.ssh
Set the permission of the directory “.ssh” to 700 on the client machine,
using the chmod command.
chmod 700 /home/owais/.ssh
Copy the secret key “id_rsa” from the ssh directory on the server machine
to the ssh directory on the client machine.
scp owais@10.0.*.*:/home/owais/.ssh/id_rsa /home/owais/.ssh/
To verify that key pair authentication is working, log in through SSH
from the client machine to the server machine; the login should succeed
without a password.
ssh -i /home/owais/.ssh/id_rsa owais@10.0.*.*
ssh owais@10.0.*.*
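A permission check for the files this procedure creates, as an added example that is not part of the original article: the ssh client refuses a private key that group or others can access, and sshd with StrictModes (its default) ignores an authorized_keys file that group or others can write. The function names check_ssh_dir and mode_of are assumptions, and the script relies on GNU stat as shipped on RHEL and CentOS.

```shell
# Added example: audit the modes of the files this procedure creates.
# check_ssh_dir and mode_of are hypothetical helper names, not OpenSSH tools.

# Print the octal mode of a path (GNU stat, as shipped on RHEL/CentOS).
mode_of() { stat -c '%a' "$1"; }

# check_ssh_dir DIR
# Prints one line per problem; the return code is the number of problems.
check_ssh_dir() {
    local dir="$1" problems=0 m

    if [ ! -d "$dir" ]; then
        echo "MISSING: $dir"
        return 1
    fi

    # The article sets the .ssh directory to 700.
    m=$(mode_of "$dir")
    if [ "$m" != "700" ]; then
        echo "BAD: $dir is $m, expected 700"
        problems=$((problems + 1))
    fi

    # Private key: the ssh client refuses a key that group or others can
    # access. 0$m is read as octal; 077 masks the group/other bits.
    if [ -f "$dir/id_rsa" ]; then
        m=$(mode_of "$dir/id_rsa")
        if [ $(( 0$m & 077 )) -ne 0 ]; then
            echo "BAD: $dir/id_rsa is $m, expected 600"
            problems=$((problems + 1))
        fi
    fi

    # authorized_keys: sshd with StrictModes ignores the file when group
    # or others can write to it (022 masks those two write bits).
    if [ -f "$dir/authorized_keys" ]; then
        m=$(mode_of "$dir/authorized_keys")
        if [ $(( 0$m & 022 )) -ne 0 ]; then
            echo "BAD: $dir/authorized_keys is $m, group/other writable"
            problems=$((problems + 1))
        fi
    fi

    return "$problems"
}
```

Run check_ssh_dir /home/owais/.ssh on both machines after the copy steps; a return code of 0 means no problem was found.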
Thanks for reading this article.