Thursday, July 10, 2008

Password-less SSH for Batch Processing

1. Generation of Public-Private RSA key pair.

$ mkdir -p ~/.ssh
$ cd ~/.ssh
$ ssh-keygen -f keyname-identity -P '' -t rsa1

2. Allowing Password less Login on remote-machine.

Copy your public key on remote-machine.
$ scp remote-machine:./.ssh/authorized_keys

Edit authorized_keys on remote-machine
Please place this line before your public key
in the authorized_keys file content

For example:

from="local-machine",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="ls -la" 2048 35 1383...

3. Please make your private key secure.

$ chmod 511 ~/.ssh
$ chmod 400 ~/.ssh/keyname-identity

!! Caution !!

Putting a password less key in a file is exactly like writing a password on a piece of paper. A person who can access to your key file can do whatever you can do with the key.

No comments: