Following is the procedure to implement passwordless SSH, SCP & SFTP. It is implemented on VMware machines.
Procedure:
Shivam Chawla | shivam.chawla@hotmail.com
This procedure describes how to make SSH, SCP & SFTP passwordless for a normal user. The same procedure also works for the root user.
On First Machine:
1. Login with root user.
2. Add one Group.
bash-3.00# groupadd -g 301 group1
4. Login with user1 and generate the SSH key with the ssh-keygen command. It creates a public key and a private key under the .ssh directory in the user's home directory, which in this case is /export/home/user1.
-bash-3.00$ pwd
/export/home/user1
-bash-3.00$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/export/home/user1/.ssh/id_rsa): (Press Enter for default directory)
Created directory '/export/home/user1/.ssh'.
Enter passphrase (empty for no passphrase): (Press Enter for no passphrase)
Enter same passphrase again: (Press Enter)
Your identification has been saved in /export/home/user1/.ssh/id_rsa.
Your public key has been saved in /export/home/user1/.ssh/id_rsa.pub.
The key fingerprint is:
ae:af:11:b8:9c:3e:27:62:ee:f5:86:8e:38:d5:c1:f0 user1@sun1
-bash-3.00$
drwxr-xr-x 3 9 ..
-rw------- 1 9 id_rsa
drwx------ 2 9 .
-rw-r--r-- 1 9 id_rsa.pub
-bash-3.00$
10. Change the user and group permissions for the user home directory.
root
On First Machine:
11. Login with user1.
12. Change present working directory to .ssh
-bash-3.00$ cd .ssh/
-bash-3.00$ ls -latr
total 8
drwxr-xr-x 3 user1 9 ..
-rw------- 1 user1 9 id_rsa
drwx------ 2 user1 9 .
-rw-r--r-- 1 user1 9 id_rsa.pub
13. Now transfer the id_rsa.pub file to the second machine using the ftp command. Enter the username and password of the uhgiex user, as we are implementing passwordless SSH, SCP & SFTP for the uhgiex user in this case.
-bash-3.00$ ftp 192.168.10.6
Connected to 192.168.10.6.
220 sun2 FTP server ready.
Name (192.168.10.6:user1): uhgiex
331 Password required for uhgiex.
Password:
230 User uhgiex logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
ftp> bin
200 Type set to I.
ftp> hash
Hash mark printing on (8192 bytes/hash mark).
ftp> mput id_rsa.pub
mput id_rsa.pub? y
200 PORT command successful.
150 Opening BINARY mode data connection for id_rsa.pub.
#
226 Transfer complete.
local: id_rsa.pub remote: id_rsa.pub
220 bytes sent in 0.00072 seconds (299.97 Kbytes/s)
ftp> bye
221-You have transferred 220 bytes in 1 files.
221-Total traffic for this session was 723 bytes in 1 transfers.
221-Thank you for using the FTP service on sun2.
221 Goodbye.
-bash-3.00$
On Second Machine:
14. Login with uhgiex user.
15. Check id_rsa.pub file.
16. Make .ssh directory in the home directory of user i.e. /usr/prms/ftp/switches/28 in this case.
-bash-3.00$ pwd
/usr/prms/ftp/switches/28
-bash-3.00$ mkdir .ssh
17. Change present working directory to .ssh and check whether the authorized_keys file is available in the .ssh directory. If the file is not there, create it using the touch command.
-bash-3.00$ cd .ssh
-bash-3.00$ ls -ltr
total 0
-bash-3.00$ touch authorized_keys
-bash-3.00$ cd ..
18.
Now, user1 of First Machine can do the SSH, SCP & SFTP to the uhgiex user of the Second Machine.
-bash-3.00$ ssh uhgiex@192.168.10.6
The authenticity of host '192.168.10.6 (192.168.10.6)' can't be established.
RSA key fingerprint is ce:ac:2d:7b:fb:a3:9c:b2:9d:b3:9f:dd:ae:51:5b:3d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.10.6' (RSA) to the list of known hosts.
Last login: Thu Jun 9 12:50:26 2011 from 192.168.10.2
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
-bash-3.00$ exit
logout
Connection to 192.168.10.6 closed.
-bash-3.00$ sftp uhgiex@192.168.10.6
Connecting to 192.168.10.6...
sftp> bye
-bash-3.00$
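One way to place the transferred id_rsa.pub into authorized_keys on the second machine and confirm the permissions that key-based login depends on (the .ssh setup in steps 16 and 17 and the home-directory permissions in step 10), as an added shell example that is not part of the original document. The function names install_pubkey and check_modes and the script name install_key.sh are hypothetical, and the script assumes sshd runs with its default StrictModes setting.

```sh
#!/bin/sh
# Added example: install_pubkey and check_modes are hypothetical helper names.

# install_pubkey HOME_DIR PUBKEY_FILE
# Adds one OpenSSH public key to HOME_DIR/.ssh/authorized_keys.
install_pubkey() {
    home=$1
    key=$(cat "$2") || return 1
    # Exactly one line, and it must look like a public key, never a private one.
    [ "$(printf '%s\n' "$key" | wc -l)" -eq 1 ] || { echo "expected one key" >&2; return 1; }
    case $key in
        ssh-rsa\ AAAA*|ssh-ed25519\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "not an OpenSSH public key" >&2; return 1 ;;
    esac
    mkdir -p "$home/.ssh" && touch "$home/.ssh/authorized_keys" || return 1
    # Append only when the exact line is absent, so reruns add no duplicates.
    grep -qxF -- "$key" "$home/.ssh/authorized_keys" ||
        printf '%s\n' "$key" >> "$home/.ssh/authorized_keys"
    # Assumption: sshd runs with StrictModes yes (the default), which refuses
    # keys when any of these paths is writable by group or others.
    chmod go-w "$home" && chmod 700 "$home/.ssh" &&
        chmod 600 "$home/.ssh/authorized_keys"
}

# check_modes HOME_DIR
# Returns non-zero if a path sshd inspects is missing or group/world-writable.
check_modes() {
    for p in "$1" "$1/.ssh" "$1/.ssh/authorized_keys"; do
        [ -e "$p" ] || { echo "missing: $p" >&2; return 1; }
        mode=$(ls -ld "$p" | cut -c1-10)
        case $mode in
            ?????w????|????????w?) echo "too permissive: $mode $p" >&2; return 1 ;;
        esac
    done
}

# Usage on the second machine, run as the target user:
#   sh install_key.sh "$HOME" "$HOME/id_rsa.pub"
if [ "$#" -eq 2 ]; then
    install_pubkey "$1" "$2" && check_modes "$1"
fi
```

If the passwordless login in the last step still prompts for a password, running check_modes against the target user's home directory shows which path is too permissive.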