Monday 11 March 2019

SSH login without password by Raj Gupta

Your aim

You want to connect two or more AWS client Linux servers to an AWS master server to automate your tasks. For that you need automatic login from the master to every client server.


How to do it

First, apply the following settings on every client machine:

Client


switch to root
[ec2-user@ip-172-31-46-129 ~]$ sudo -i

add a user
[root@ip-172-31-46-129 ~]# adduser client

set the password for the user
[root@ip-172-31-46-129 ~]# passwd client

now add this user to the sudoers file
[root@ip-172-31-46-129 ~]# visudo

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
client ALL=(ALL)       NOPASSWD: ALL

now switch to user
[root@ip-172-31-46-129 ~]# su - client

now make the below changes in the sshd_config file
[client@ip-172-31-46-129 ~]$ sudo vi /etc/ssh/sshd_config

# To disable tunneled clear text passwords, change to no here!

PasswordAuthentication yes
#PermitEmptyPasswords no
#PasswordAuthentication no

then restart the sshd service
[client@ip-172-31-46-129 ~]$ sudo service sshd restart


Now make the below changes on the master EC2 server

Master

switch to root
[ec2-user@ip-172-31-33-233 ~]$ sudo -i

add a user
[root@ip-172-31-33-233 ~]# useradd master

set the password
[root@ip-172-31-33-233 ~]# passwd master

add this user to the sudoers file
[root@ip-172-31-33-233 ~]# visudo

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
master ALL=(ALL)       NOPASSWD: ALL

now switch to user
[root@ip-172-31-33-233 ~]# su - master

now do the below changes in sshd_config file
[master@ip-172-31-33-233 ~]$ sudo vi /etc/ssh/sshd_config


# To disable tunneled clear text passwords, change to no here!

#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication no

restart the service now
[master@ip-172-31-33-233 ~]$ sudo service sshd restart


now generate the key on the master
[master@ip-172-31-33-233 ~]$ ssh-keygen

now copy the key to the client (the first time it will ask for the password of the client user to copy the key; after that it will not ask)
[master@ip-172-31-33-233 ~]$ ssh-copy-id client@172.31.46.129

now ssh to client server 
[master@ip-172-31-33-233 ~]$ ssh client@172.31.46.129
Last login: Mon Jan 21 13:24:33 2019

to come back to the master, type logout or press Ctrl+D
[client@ip-172-31-46-129 ~]$ logout
Connection to 172.31.46.129 closed.
[master@ip-172-31-33-233 ~]$
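
The two sshd_config edits above differ: the client keeps PasswordAuthentication yes (ssh-copy-id needs the client password for the first copy), while the master sets it to no. The following is an added example, not part of the original post, that reports which value sshd would use from such a file; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Prints the effective global PasswordAuthentication value of an
# sshd_config-style file. sshd keeps the first value it reads for a keyword,
# keywords are case-insensitive, and the built-in default is "yes".
# Assumption: "Keyword value" lines separated by whitespace, no Include files.
effective_password_auth() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # comment or blank line
        tolower($1) == "match" { exit }          # global section ends here
        tolower($1) == "passwordauthentication" { v = $2; exit }
        END { print (v == "" ? "yes" : v) }
    ' "$1"
}

# Constructed sample files that mirror the client and master snippets above.
make_samples() {
    cat > "$1/client_sshd_config" <<'EOF'
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no
#PasswordAuthentication no
EOF
    cat > "$1/master_sshd_config" <<'EOF'
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication no
EOF
}

# Reports each sample; "yes" means the server still accepts password logins.
report() {
    for f in "$1"/*_sshd_config; do
        printf '%s: PasswordAuthentication %s\n' "${f##*/}" "$(effective_password_auth "$f")"
    done
}

tmp=$(mktemp -d)
make_samples "$tmp"
report "$tmp"
rm -rf "$tmp"
```

On a live server, point effective_password_auth at /etc/ssh/sshd_config; sshd -T (run as root) prints the configuration as sshd itself resolves it.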
