In Linux, you can change sudo configuration to run some or all command with sudo but without entering password. If you are on a server, you should be extra careful specially if you have SSH enabled. Maybe, you should disable SSH access with password first. Let's see how to use sudo with no password. Just three simple steps separate you from the possibility of connecting to a remote server without prompting a password. Step 1: Generate a key pair on the local server. Use ssh-keygen to generate authentication keys for SSH. Output: Generating public/private rsa key pair. RE: SSH login without password on Solaris. SamBones (Programmer) 12 Mar 09 14:25 Ok, if you want to log onto machineA, and then ssh to machineB without using a password, do the following. By itself, a passphrase-protected private key requires the passphrase to be entered each time the key is used. This setup does not feel like passwordless SSH. However, there are caching mechanisms that allow you to enter the key passphrase once and then use the key over and over without reentering that passphrase.
The post details out steps to configure passwordless ssh using RSA Public Key Authentication, in other words: passwordless login using public Key. This procedure is used to reduce the number of login prompts needed to do secure remote login with Sun Secure Shell (SSH) this including also SCP ( Secure Copy) and SFTP ( Secure File Transfer).
Configuring passwordless ssh
To configure SSH to use an id_rsa key to log in, follow these steps.
1. Generate private and public key pair on the client machine (localhost).
ssh-keygen will require a key type (-t). From the man page of ssh-keygen :
2. This will create two new files ( Public and Private RSA keys ) under the $HOME/.ssh/* of the user who fired the command.
3. After generating the RSA key we need to Copy the public key (id_rsa.pub) and append the key to the $HOME/.ssh/authorized_keys file in user home directory on the remote host. For example root transfer the file to the remote user using ssh or scp:
-or-
4. Verify if everything works as needed by logging into the remote system without a password. You can also view the public RSA key into the authorized_keys file of the remote host.
Troubleshooting
If you have followed the steps given above and still you are prompted for a password, follow the steps (checklist) given below to troubleshoot the issue.
1. The key must appear in the authorized_keys file as a single unbroken line when viewed in vi command mode utilizing 'set list'. Carriage returns will appear as '$' characters in 'set list' mode of vi when viewing the key string. You can edit the line containing the key if it is not in the correct format.
2. If you get the password prompt instead, check that the permission of /export/home (assuming the home directory is /export/home/[userid]) is 755 with world readable. This permission setting is necessary because before reading the $HOME/.ssh/authorized_keys file, the sshd remote host must seteuid to the login id. To do this, the /export/home needs to be world readable.
In Linux, you can change sudo configuration to run some or all command with sudo but without entering password. If you are on a server, you should be extra careful specially if you have SSH enabled. Maybe, you should disable SSH access with password first. Let's see how to use sudo with no password. Just three simple steps separate you from the possibility of connecting to a remote server without prompting a password. Step 1: Generate a key pair on the local server. Use ssh-keygen to generate authentication keys for SSH. Output: Generating public/private rsa key pair. RE: SSH login without password on Solaris. SamBones (Programmer) 12 Mar 09 14:25 Ok, if you want to log onto machineA, and then ssh to machineB without using a password, do the following. By itself, a passphrase-protected private key requires the passphrase to be entered each time the key is used. This setup does not feel like passwordless SSH. However, there are caching mechanisms that allow you to enter the key passphrase once and then use the key over and over without reentering that passphrase.
The post details out steps to configure passwordless ssh using RSA Public Key Authentication, in other words: passwordless login using public Key. This procedure is used to reduce the number of login prompts needed to do secure remote login with Sun Secure Shell (SSH) this including also SCP ( Secure Copy) and SFTP ( Secure File Transfer).
Configuring passwordless ssh
To configure SSH to use an id_rsa key to log in, follow these steps.
1. Generate private and public key pair on the client machine (localhost).
ssh-keygen will require a key type (-t). From the man page of ssh-keygen :
2. This will create two new files ( Public and Private RSA keys ) under the $HOME/.ssh/* of the user who fired the command.
3. After generating the RSA key we need to Copy the public key (id_rsa.pub) and append the key to the $HOME/.ssh/authorized_keys file in user home directory on the remote host. For example root transfer the file to the remote user using ssh or scp:
-or-
4. Verify if everything works as needed by logging into the remote system without a password. You can also view the public RSA key into the authorized_keys file of the remote host.
Troubleshooting
If you have followed the steps given above and still you are prompted for a password, follow the steps (checklist) given below to troubleshoot the issue.
1. The key must appear in the authorized_keys file as a single unbroken line when viewed in vi command mode utilizing 'set list'. Carriage returns will appear as '$' characters in 'set list' mode of vi when viewing the key string. You can edit the line containing the key if it is not in the correct format.
2. If you get the password prompt instead, check that the permission of /export/home (assuming the home directory is /export/home/[userid]) is 755 with world readable. This permission setting is necessary because before reading the $HOME/.ssh/authorized_keys file, the sshd remote host must seteuid to the login id. To do this, the /export/home needs to be world readable.
3. The file $HOME/.ssh/authorized_keys is world-writeable, as shown here for the user 'user01':
To over-ride this behaviour, edit the /etc/ssh/sshd_config file 'StrictModes' entry from 'yes' (default) to 'no':
Restart the sshd service after this.
For Solaris 9
For Solaris 10
Ssh Without Password Windows
4. You may need to check the file /etc/ssh/sshd_config if any of the default settings (YES) have been changed to 'NO' for the below parameters.
Solaris Ssh Without Password Recovery Tool
5. The final step is to debug the ssh session. This will help follow the connection stream and show where if fails. Look for the string : 'Next authentication method: publickey'. More life drake itunes.
