Passwordless SSH RSA Authentication

Posted in Arch Linux by TuxLyn on January 25, 2013 edited on February 24, 2013
311 views

Config File Instructions on how to configure SSH and passwordless rsa authentication.

1. Login to your server and configure SSH.

$ ssh user@server
$ su root
$ ** ryour server root password **
# nano /etc/sshd/config

Change/Add/Uncomment this following lines:

Port 3344
Protocol 2
PermitRootLogin without-password
AllowUsers user root

Any port above 1024 is good, as long as its not default port 22.
RSAAuthentication and PubkeyAuthentication should be enabled by default.

Note: Don’t worry about the misleading “without-password” command. This will only disable root password for rsa authentication and will not actually allow any one else to login to your server without a password, if they don’t have your private rsa key.

2. Configure RSA keys to login to your server without passwords. On your computer (not server), generate rsa keys by using everything default and living password fields empty by pressing enter when asked.

 $ ssh-keygen -t rsa

3. Now copy public rsa key over to your server.

$ cat ~/.ssh/id_rsa.pub | ssh user@server -p3344 'cat >> .ssh/authorized_keys'
$ ** your server user password **

4. Copy same public rsa key to root.

$ su root
$ ** your server root password **
# cp /home/user/.ssh/authorized_keys /root/.ssh/authorized_keys

5. To login as user or root to your server simply run.

 ssh user@server -p3344  or  ssh root@server -p3344

or setup easy ssh config on your computer for easier alias login. See example config bellow.

#
# ~/.ssh/config
#

## Usage
# Host alias
# Hostname ip_here
# User user_name
# Port port_here

## Example: Regular, User SSH Login
Host srv1usr
Hostname 192.168.0.1
User johndoe
Port 3344

## Example: Regular, Root SSH Login
Host srv2root
Hostname 192.168.0.1
User root
Port 3344

## Example: VPN, User Login
Host srvprx
Hostname 192.168.0.2
User johndoe
Port 3344
ProxyCommand corkscrew vpn.server.com 3128 %h %p ~/.ssh/auth

Then simply run any alias to connect by typing: “ssh srv2root” for example. To use VPN or any other SOCKS5/HTTP proxy to connect through corkscrew, you need to install “corkscrew” and create ~/.ssh/auth file with user:pass in it.

StatCounter WhosAmungUs FlagCounter