Sunday, 6 January 2013

How to setup Passwordless SSH

Suppose I want to login from oradev1 to orapsup, without giving password, so I need to generate the key in oradev1 node.

In oradev1 Node:
ssh-keygen -t rsa
cat $HOME/.ssh/id_rsa.pub
Path of ssh-keygen: /usr/local/bin/ssh-keygen
/usr/local/bin/ssh-keygen -t rsa


In orapsup Node:
vi $HOME/.ssh/authorized_keys
And, put the contents of id_rsa.pub taken from oradev1 in the file

If .ssh directory doesnot exist, then create it by running the following

command:
ssh-keygen -t rsa

[oradev1@mkkdevserver1 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oradev1/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oradev1/.ssh/id_rsa.
Your public key has been saved in /home/oradev1/.ssh/id_rsa.pub.
The key fingerprint is:
74:b3:cd:c9:8d:1c:40:ca:3c:ce:82:ab:04:7f:25:7f
oradev1@mkkdevserver1.mkkdomain.local
[oradev1@mkkdevserver1 ~]$
[oradev1@mkkdevserver1 ~]$ cd .ssh/
[oradev1@mkkdevserver1 .ssh]$ ls
id_rsa  id_rsa.pub  known_hosts
[oradev1@mkkdevserver1 .ssh]$ cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtBBAsSSfzZC7Zu3fFlO8xCUaO1jzuXnPe+Z38nNboZLspjFkNaEkdYd9Ej6ZS+uBfTjrCVgCTBEdb0wLzAQlvLVLVro/M9gwjhoNGQyBKJyDQYmkUy7RSFuUdFupioT+YIOGfdQBbpn8YFbfeTWd23Khcaxkpdt/n4hlBY/PdAYUPxNvypnp49jtbideF6yiSqXF1gBDhWefh9Zd9KlIInKY6k0MNqTfn6WY57/PuSiWq+i4WKs/whZWOqnTKlulHVhBSSEjFaYKyPtPvgZbl13cbIQsvcB3TUMnYJT1JylmwMCw6ZGJIATLJMTA4WpNhHDO07e+6a7RtroyY63z5w==
oradev1@mkkdevserver1.mkkdomain.local
[oradev1@mkkdevserver1 .ssh]$

Now whatever contents you have on file id_rsa.pub, you have to put that in authorized_keys file of orapsup.

[orapsup@mkkdevserver2 .ssh]$ ls -ltr /home/orapsup/.ssh/authorized_keys
-rw-r--r-- 1 orapsup dba 1374 Apr  5 13:52 /home/orapsup/.ssh/authorized_keys
[orapsup@mkkdevserver2 .ssh]$

View the /home/orapsup/.ssh/authorized_keys file and paste at the end of the file the above public key content.
Now you are ready to login from oradev1 to orapsup,  without giving any password.

Cheers !!!!!!!!!!!

No comments:

Post a Comment