D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Key-based SSH login for non-interactive user?

 

On Tue, 09 Jun 2009 12:44:42 +0100
Rob Beard wrote:

> Grant Sewell wrote:
> > Hi all,
> >
> > I'm having a bit of a dead-brain week this week.
> >
> > We're trying to setup key-based SSH logins for the Nagios service
> > so it can monitor some of our other servers remotely via SSH.  I've
> > setup key-based SSH logins on my home server, but that was for
> > me... an interactive user account.  As I said, I'm having a bit of
> > a dead-brain week (see me previous posts on other topics for
> > confirmation of this) and I can't for the life of me think how to
> > generate the RSA keys for the Nagios user account on the SSH client
> > machine.
> >
> > Cheers.
> > Grant. :s
> >
> >   
> Um... is it possible to setup an SSH key which doesn't prompt for a 
> password?

Yep.

I've done so on my laptop/server.  If I'm on my laptop and try SSHing
to my home server, it just lets me in.

You have to make sure RSAAuthentication and PubkeyAuthentication are
"yes" on the server's /etc/ssh/sshd_config file (and restart the ssh
service).  The on the client side, as the user you'll be running SSH
from (ie the user I'd normally use on the laptop) run:

$ ssh-keygen -t rsa

And when prompted for passphrases, just hit enter to continue without
setting one.

Once the RSA keypair have been generated, you'd then run:

$ ssh-copy-id -i /path/to/id_rsa.pub username@server

The bit I'm having trouble with is the keygen part - the user account I
want to be able to login from is a non-interactive user. :s

Grant.

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html