Monday, September 15, 2008

How to use ssh without a password prompt?

We may need to log in to other servers, or a script may need to collect data from them. ssh provides a secure connection to remote servers, and with key-based authentication we can log in without typing a password. Here are the steps to set up ssh login without a password:

aspadmin is an existing user on both the "LinuxMonitor" and "mail1" servers.

Step-1: Generating Keys:


aspadmin@LinuxMonitor:~> ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/aspadmin/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/aspadmin/.ssh/id_rsa.
Your public key has been saved in /home/aspadmin/.ssh/id_rsa.pub.
The key fingerprint is:
24:bf:71:70:ba:72:39:76:3e:a7:1c:bc:81:c3:92:f5 aspadmin@LinuxMonitor

Step-2: Creating the ".ssh" folder on the remote machine (mail1) for the user (aspadmin)


aspadmin@LinuxMonitor:~> ssh aspadmin@mail1 mkdir -p .ssh

The authenticity of host 'mail1' can't be established.
RSA key fingerprint is 8b:2a:08:a9:89:8d:8e:31:25:0a:dd:77:d5:7f:30:e0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'mail1,' (RSA) to the list of known hosts.
Password:

Step-3: Copying the public key to the remote machine (mail1) for the user (aspadmin)


aspadmin@LinuxMonitor:~> scp .ssh/id_rsa.pub aspadmin@mail1:~aspadmin/.ssh/authorized_keys2

Password:
id_rsa.pub 100% 231 0.2KB/s 00:00


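Step-4: That's all. Now you can connect to mail1 without a password. Note that a key created with an empty passphrase in Step-1 is protected only by the file permissions of /home/aspadmin/.ssh/id_rsa.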


aspadmin@LinuxMonitor:~> ssh mail1

Last login: Wed Jun 25 14:51:52 2008 from xxx
aspadmin@mail1:~>
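
The scp in Step-3 replaces any authorized_keys2 file that already exists on mail1, and Step-2 creates .ssh with whatever mode the remote umask gives. The following function is an added example, not part of the original post: it appends the key only if it is missing and sets owner-only modes. The function name install_pubkey and its arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Meant to run on the remote side
# against the user's home directory (e.g. /home/aspadmin on mail1).

# install_pubkey PUBKEY_FILE HOME_DIR [AUTH_NAME]
# Appends the public key to HOME_DIR/.ssh/AUTH_NAME unless it is already
# there, and sets modes that pass sshd's StrictModes check.
# AUTH_NAME defaults to authorized_keys2, the file name used in the post.
# The body runs in a subshell so umask and exit do not affect the caller.
install_pubkey() (
    pub=$1
    home=$2
    name=${3:-authorized_keys2}

    [ -s "$pub" ] || { echo "no public key in $pub" >&2; exit 1; }
    # Refuse to publish a private key by mistake (id_rsa instead of id_rsa.pub).
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub looks like a private key" >&2
        exit 1
    fi

    umask 077                          # anything created below is owner-only
    mkdir -p "$home/.ssh" || exit 1
    chmod 700 "$home/.ssh" || exit 1   # also tightens a pre-existing directory
    auth=$home/.ssh/$name
    touch "$auth" || exit 1
    chmod 600 "$auth" || exit 1

    key=$(head -n 1 "$pub")
    # If the existing file lacks a final newline, add one before appending.
    [ -z "$(tail -c 1 "$auth")" ] || echo >> "$auth"
    # -x whole line, -F fixed string: skip the append if the key is present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
)
```

Keys already listed in the file are kept, and running the function twice leaves a single copy of the new key.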



-----------------------------------------------------------------------------------------------------------------
Topics will be covered in this Blog are : Linux System Administrator - Memory Performance Tuning - File System - User Group - Linux / Unix Commands Processes - Virtual Swap Memory - Mail Server - Remote Access - Linux Permissions - Boot procedure system Logging - Network (xinetd) Configuration (ifconfig) - DNS - DHCP - Web Server - Kernel - Shell Script - Tuning Optimization High Availability Heart-BeatClustering-Backup and Recovery - Network Time Protocol - NIS - NFS - RPM Partition - /proc - Scheduling (crontab) - mount unmount - secured shell (ssh) - Remote Access - Virtual Network Computing (VNC) Default Ports - Services
-----------------------------------------------------------------------------------------------------------------

Saturday, September 13, 2008

How to configure xinetd?

xinetd Daemon

By default, xinetd does not start automatically. You can find this service under /etc/init.d. To make the xinetd daemon start automatically during boot, run insserv xinetd (or) chkconfig xinetd on

To start/stop/restart/reload xinetd, use the rcxinetd command.

Configuration

/etc/xinetd.conf is the default configuration file of xinetd. You may not need to make any changes to this file.

You can place a dedicated configuration file for each service under the /etc/xinetd.d folder.
Example configuration file for pop3:

service pop3
{
    port        = 110
    socket_type = stream
    protocol    = tcp
    wait        = no
    user        = root
    server      = /usr/sbin/popper
}

A few useful options are below:

instances = 30 #Maximum number of instances
cps = 50 10 #50 connections per second, 10 seconds wait time after 50 connections.
only_from #allow access only from specific remote hosts
no_access #deny access for specific remote hosts
access_times #time during which the service is available, e.g. access_times = 09:00-20:00
interface #specify which IP is used by the service when the machine has more than one interface.

For more information, see man xinetd.
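
The options listed above limit who can reach a service and how often. The following script is an added example, not part of the original post: it reports which service blocks in a file under /etc/xinetd.d set none of only_from, instances or cps, and it shows the post's pop3 service with those options added. The function names and the 192.168.1.0/24 network are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. The sample service files are
# constructed; 192.168.1.0/24 is a placeholder network.

# Print "<service><TAB><missing attributes>" for each service block in FILE
# that does not set only_from, instances or cps. Values inherited from the
# defaults section of /etc/xinetd.conf are not taken into account.
xinetd_missing_limits() {
    awk '
        $1 == "service" { name = $2; split("", seen); next }
        name != "" && $1 == "}" {
            miss = ""
            if (!("only_from" in seen)) miss = miss " only_from"
            if (!("instances" in seen)) miss = miss " instances"
            if (!("cps" in seen))       miss = miss " cps"
            if (miss != "") printf "%s\t%s\n", name, substr(miss, 2)
            name = ""
            next
        }
        # Attribute lines have the form: name = value (also += and -=).
        name != "" && $2 ~ /^[-+]?=$/ { seen[$1] = 1 }
    ' "$1"
}

# The pop3 service from the post, unchanged.
sample_pop3_original() {
    cat <<'EOF'
service pop3
{
    port        = 110
    socket_type = stream
    protocol    = tcp
    wait        = no
    user        = root
    server      = /usr/sbin/popper
}
EOF
}

# The same service with the limiting options added before the closing brace.
sample_pop3_limited() {
    sample_pop3_original | sed '$d'
    cat <<'EOF'
    instances    = 30
    cps          = 50 10
    only_from    = 192.168.1.0/24
    access_times = 09:00-20:00
}
EOF
}
```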

Why xinetd?

Services can be started when the system boots; each one then occupies its port and waits for connections all the time. If a service is used only occasionally, this consumes resources unnecessarily.

The xinetd process runs on behalf of the services and starts a service's process only when a connection comes in. So, it saves system resources.
