Tuesday, August 19, 2014

Setup SSH with DSA public key authentication (password less login)

Step #1: Generate DSA Key Pair
Use ssh-keygen command as follows:


$ ssh-keygen -t dsa
Output:

[root@hadoop01 ~]# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
63:c2:66:e8:b2:c4:49:cf:1c:6a:17:bb:4f:88:2f:b3 root@hadoop01.localdomain.com
[root@hadoop01 ~]#

Caution:
a) Please enter a passphrase different from your account password and confirm the same.
b) The public key is written to /home/you/.ssh/id_dsa.pub.
c) The private key is written to /home/you/.ssh/id_dsa.
d) It is important you never-ever give out your private key.

Step #2: Set directory permission
Next make sure you have correct permission on .ssh directory:
[root@hadoop01 ~]# cd
[root@hadoop01 ~]# chmod 755 .ssh
[root@hadoop01 ~]#

Step #3: Copy public key
Now copy file ~/.ssh/id_dsa.pub on Machine #1 (hadoop1) to remote server hadoop2 as ~/.ssh/authorized_keys:
[root@hadoop01 ~]# scp ~/.ssh/id_dsa.pub root@192.168.1.111:.ssh/authorized_keys
root@192.168.1.111's password:
id_dsa.pub                                                                     100%  619     0.6KB/s   00:00
[root@hadoop01 ~]#
Command to type on your remote server called 192.168.1.111(hadoop2)
Login to your remote server and make sure permissions are set correct:
drwxr-xr-x  2 root root  4096 Aug 19 23:25 .ssh
[root@hadoop02 ~]# chmod 600 ~/.ssh/authorized_keys

Step #4: How do I login from client to server with DSA key?

Use ssh as follows from the first machine(hadoop1)

[root@hadoop01 ~]# ssh root@192.168.1.111
Last login: Tue Aug 19 23:19:52 2014 from 192.168.1.103
drwxr-xr-x  2 root root  4096 Aug 19 23:25 .ssh
[root@hadoop02 ~]# cd .ssh
[root@hadoop02 .ssh]# ls -latr
total 16
drwxr-x--- 16 root root 4096 Aug 19 23:25 ..
-rw-------  1 root root  619 Aug 19 23:25 authorized_keys
drwxr-xr-x  2 root root 4096 Aug 19 23:25 .
[root@hadoop02 .ssh]#


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)