Posts

Posted on

How to Setup SSH public-key or password-less authentication in Ubuntu

Here’s how to setup public-key (or passwordless) authentication in Ubuntu or any other Linux based operating system that use OpenSSH.

First make sure you’ve remote SSH server running and accepting connection. Then you need to generate ssh key on local server (I prefer RSA). You can enter passphrase for added security, or leave it blank for passwordless authentication.

local:~$ ssh-keygen -t rsa
Enter passphrase (empty for no passphrase):

The command will generate id_rsa and id_rsa.pub files. The files will be save in ~/.ssh/ directory. Then copy id_rsa.pub file to the remote server using SCP. Read How to use SCP on Linux or other UNIX-based Environment for more information about SCP

local:~$ scp id_rsa.pub username@remote.host:~/

Then you have to connect to the remote host and append the id_rsa.pub public key file to the list of “authorized_keys“. Don’t forget to chmod the authorized_keys file and .ssh directory, or OpenSSH won’t work correctly

local:~$ ssh username@remote.host

#now we are on remote server!
remote:~$ cat id_rsa.pub >> ~/.ssh/authorized_keys
remote:~$ chmod 644 ~/.ssh/authorized_keys
remote:~$ chmod 700 ~/.ssh

Make sure you have edited the “/etc/ssh/sshd_config” file to allow Public key authentication and RSA authentication.

#sshd_config file

PermitRootLogin no
...snip...
RSAAuthentication yes
PubkeyAuthentication yes
...snip..

Save and restart sshd server daemon by running the following command.

remote:~$ sudo /etc/init.d/ssh restart

After that, logout from the remote host to test the Public-key authentication


remote:~$ exit
local:~$

Testing the SSH public-key authentication
To test the public-key authentication, simply connect to remote server normally using ssh, and if things have gone smoothly you’ll be prompted to enter your passphrase, instead of password.


local:~$ ssh username@remote.host
Enter passphrase for key '/home/username/.ssh/id_rsa':

Note that you will not be prompted to enter passphrase/password if you’ve generated a key with “blank passphrase“, effectively making your login “passwordless”. For added security, it is advised that you disable normal interactive-keyboard password option and rely fully on public-key authentication by changing sshd_config line from:

PasswordAuthentication yes

to


PasswordAuthentication no

p/s: this tutorial was adapted from Shortest passwordless ssh tutorial, ever with updated notes for latest OpenSSH release

Posted on

Book Giveaway: Linux Module Programming Guide

Free !

Listen up!

UbuntuGeek is giving away the “Linux Kernel Module Programming Guide” e-book for free! The book contains guides and tutorial on how to write loadable Linux kernel module and drivers.

According to its official description:

“An excellent guide for anyone wishing to get started on kernel module programming. The author takes a hands-on approach starting with writing a small “hello, world” program, and quickly moves from there. Far from a boring text on programming, Linux Kernel Module Programming Guide has a lively style that entertains while it educates”

Linux Kernel Module Programming Guide

Download now: Linux Kernel Module Programming Guide (PDF)

Posted on

Halloween Specials: Unmetered and Unlimited Web Hosting Space

Its Halloween and Holiday Specials!

I’m giving away two promotion codes for Dreamhost Web Hosting

The first promo-code is MYLINUX, that will get you

  • 1 Unique IP Address
  • 1 Free Domain with Hosting Account
  • 97-day money back guarantee
  • Unlimited Storage, Unmetered Bandwith
  • Shell account (SSH, SFTP, FTP) access
  • Up to $75 Google AdWords credit included!
  • Support PHP5/MySQL5,Ruby,Python
  • All this for only USD 90!

The second promo code is, HALLOWEVE, this one will get you :

  • 1 Free Domain with Hosting Account
  • 97-day money back guarantee
  • Unlimited Storage, Unmetered Bandwith
  • Shell account (SSH, SFTP, FTP) access
  • Up to $75 Google AdWords credit included!
  • Support PHP5/MySQL5,Ruby,Python
  • All this for only USD 75 for a year or 140 for two years registration!

You can redeem your promo codes now at Dreamhost Web Hosting!

p/s: Dreamhosts box runs Debian GNU/Linux operating systems

Posted on

How to use SCP on Linux or other UNIX-based Environment

SCP is used to copy files securely over network. In order to use SCP, the remote host must be configured to use SSH server (OpenSSH on Linux system, including Ubuntu) and the user must have an account on remote server.

scp syntax is easy,


local:~$ scp <source> <username>@<remote_host>:<destination>

Example for copying local file to the users home directory on remote host, you can replace mypapit with your own username

local:~$ scp id_rsa_.pub mypapit@remote.host:~/

id_rsa.pub 100% 392 0.9KB/s 00:00

local:~$

To list the file on the remote directory, just run

local:~$ ssh mypapit@remote.host ls

temp_file.txt id_rsa.pub

and the content of remote directory will be displayed.

Copying file recursively
To copy file recursively, you only need to add “-r” switch. Add -v for verbose output.

Example:

local:~$ scp -rv ~/* username@remote.host:~/backup

Conclusion
SCP is easy to use especially when you want to copy or upload files from client to server without the use of FTP server. Additionally, the content of the files transfered is encrypted over SSH communication and you get the benefit of simplicity while working on the console.