Friday, November 9, 2012

How to Set Up SSH for Auto Login


It's common to use ssh and scp for communicating with a server and transferring files to and from it. If you want to auto-login without a password, here's how to set up SSH to use encryption keys to do so.

On the Server

Use ssh to log in to your server under the account name you want to use.
Run ssh-keygen to create an encryption key pair, the public and private keys. You can just hit return for each question.
[backup@server ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/backup/.ssh/id_rsa):
Created directory '/home/backup/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/backup/.ssh/id_rsa.
Your public key has been saved in /home/backup/.ssh/id_rsa.pub.
Change to the .ssh directory and list the files to understand what you've got:
[backup@server ~]$ cd .ssh
[backup@server .ssh]$ ls
id_rsa  id_rsa.pub
Add the public key id_rsa.pub to the SSH authorized_keys file. Be sure to use the >> to append it to any other keys you might have:
[backup@server .ssh]$ cat id_rsa.pub >> authorized_keys
Make sure the file is not accessible to other users. You can delete the public key now.
[backup@server .ssh]$ chmod 600 authorized_keys
[backup@server .ssh]$ rm id_rsa.pub

On the Client

Log off the server, so you're back on the client. Enter your .ssh directory and download the id_rsa file (the private key) from the server to your local machine:
$ cd .ssh
$ scp backup@server.example.com:.ssh/id_rsa .
$ chmod 600 id_rsa
Try it out:
$ ssh -l backup server.example.com
[backup@server ~]$
And you can use scp for secure file transfer:
$ scp backup.tar.gz backup@server.example.com:.

SSH Agent

You can set up an environment variable that lets programs that use SSH find your keys, so you don't have to enter your passphrase each time.
Insert some lines like this into your .bash_profile:
if [ -z "$SSH_AUTH_SOCK" ] ; then
    eval `ssh-agent -s`
    ssh-add
fi
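
To check the result of the steps above, here is an added example (not part of the original post) that audits a .ssh directory: it verifies the modes set with chmod 600 and reports any private key that has no passphrase, which is what hitting return at the ssh-keygen prompt produces. The function names and finding labels are made up for this example, and it assumes a base64 that accepts -d (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example. Prints one finding per line, nothing when every check passes.

# Succeeds (exit 0) when the private key file $1 is passphrase-protected.
key_is_encrypted() {
    if grep -q '^-----BEGIN OPENSSH PRIVATE KEY-----' "$1"; then
        # openssh-key-v1 layout: 15-byte magic "openssh-key-v1\0", a 4-byte
        # length, then the cipher name, which is "none" for an unprotected key.
        cipher=$(grep -v '^-----' "$1" | tr -d '\n' | base64 -d 2>/dev/null |
                 dd bs=1 skip=19 count=4 2>/dev/null)
        [ "$cipher" != "none" ]
    else
        # Legacy PEM (the format ssh-keygen -t rsa wrote in 2012) and PKCS#8.
        grep -Eq '^(Proc-Type: 4,ENCRYPTED|-----BEGIN ENCRYPTED PRIVATE KEY-----)' "$1"
    fi
}

audit_ssh_dir() {
    dir=$1
    # With StrictModes (the sshd default) authorized_keys is not used when it,
    # .ssh, or the home directory is writable by group or others.
    for f in "$dir/.." "$dir" "$dir/authorized_keys"; do
        [ -e "$f" ] || continue
        # Columns 6 and 9 of the ls mode string are group-write and other-write.
        case $(ls -ld "$f" | cut -c6,9) in
            --) ;;
            *) echo "WRITABLE_BY_OTHERS $f" ;;
        esac
    done
    for key in "$dir"/id_*; do
        [ -f "$key" ] || continue
        case $key in *.pub) continue ;; esac
        # The ssh client ignores a private key that group or others can access.
        [ "$(ls -ld "$key" | cut -c5-10)" = "------" ] || echo "KEY_MODE_TOO_OPEN $key"
        key_is_encrypted "$key" || echo "KEY_HAS_NO_PASSPHRASE $key"
    done
}

# Audit the directory given as the first argument, if any.
if [ -n "${1:-}" ]; then audit_ssh_dir "$1"; fi
```

Save it as a script and run it with the path to the account's .ssh directory as its only argument, on the server and on the client.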
