Tuesday, March 13, 2012

Passwordless SSH using public and private keys

Generate the key pair, pressing ENTER at each prompt to accept the default file and leave the passphrase empty:

root@notebook:~/.ssh# ssh-keygen

Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): ENTER
Enter passphrase (empty for no passphrase): ENTER
Enter same passphrase again: ENTER
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
96:49:a8:2d:23:ec:c0:12:34:d5:08:fd:4b:ca:df:69 root@notebook
The key's randomart image is:
+--[ RSA 2048]----+
| ++.o |
|. .o . . |
|. . . . |
|.o = . o |
|o.+ * o S |
|.o + + . |
| . . . . |
| . E |
| . |
+-----------------+

List the keys that were created in /root/.ssh (id_rsa is the private key, readable only by its owner; id_rsa.pub is the public key):

root@notebook:~/.ssh# ls -l

total 5
-rw------- 1 root root 1679 Mar 13 17:29 id_rsa
-rw-r--r-- 1 root root 395 Mar 13 17:29 id_rsa.pub
-rw-r--r-- 1 root root 1424 Mar 4 07:39 known_hosts

Copy the public key from the SSH client to the SSH server (192.168.1.100) with the ssh-copy-id command:

root@notebook:~/.ssh# ssh-copy-id -i id_rsa.pub root@192.168.1.100

The authenticity of host '192.168.1.100 (192.168.1.100)' can't be established.
RSA key fingerprint is 17:bb:b3:dd:30:52:37:30:b6:a6:81:22:a6:b2:cc:31.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.100' (RSA) to the list of known hosts.
root@192.168.1.100's password: WE ENTER THE ROOT PASSWORD
Now try logging into the machine, with "ssh 'root@192.168.1.100'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

Now we log in directly without entering a password:

root@notebook:~/.ssh# ssh root@192.168.1.100

Linux netbook 2.5 #1 SMP Mon Jan 16 16:04:25 UTC 2012 i686

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Tue Mar 13 17:35:49 2012 from 192.168.1.100
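
The ssh-copy-id output above asks you to check .ssh/authorized_keys for keys you were not expecting. The following is an added example, not part of the original post, of one way to do that check on the server and to spot the loose file permissions that make key login fail. The function names and the sample file contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. All file contents below are constructed placeholders.

# Print "<type> <blob> <comment>" for each key line, skipping blank lines,
# comments and any leading options such as from="..." or no-pty.
# Simplification: assumes no quoted option value contains a bare key-type word.
key_entries() {
    awk 'NF && $1 !~ /^#/ {
        for (i = 1; i < NF; i++)
            if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-[a-z0-9-]+|sk-[a-z0-9@.-]+)$/) {
                print $i, $(i + 1), (i + 2 <= NF ? $(i + 2) : "-")
                break
            }
    }' "$1"
}

# List entries in authorized_keys ($1) whose blob differs from the public
# key we meant to install ($2).
unexpected_keys() {
    want=$(key_entries "$2" | awk '{ print $2 }')
    key_entries "$1" | awk -v want="$want" '$2 != want'
}

# Succeed when $1 is writable by group or others. With sshd's default
# StrictModes setting, such a file or directory makes key login fail.
loose_perms() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# Demo on constructed data in a scratch directory.
d=$(mktemp -d)
echo 'ssh-rsa AAAAconstructedBLOB1 root@notebook' > "$d/id_rsa.pub"
cat > "$d/authorized_keys" <<'EOF'
# constructed sample
ssh-rsa AAAAconstructedBLOB1 root@notebook
from="192.168.1.*",no-pty ssh-rsa AAAAconstructedBLOB2 backup@elsewhere
EOF
chmod 600 "$d/authorized_keys"
echo "Keys other than ours:"; unexpected_keys "$d/authorized_keys" "$d/id_rsa.pub"
loose_perms "$d/authorized_keys" && echo "authorized_keys is too permissive"
rm -rf "$d"
```

On a real server, point the functions at ~/.ssh/authorized_keys and at a copy of the client's id_rsa.pub, and run loose_perms on the home directory and ~/.ssh as well.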
