The following Tutorial walks you through how to setup authentication using a key pair to negotiate the connection, stopping the requirement for passwords.
1.First, create a public/private key pair on the client that you will use to connect to the server (you will need to do this from each client machine from which you connect):
ssh-keygen -t rsa
Leave the passphrase blank if you dont want to receive a prompt for this.
This will create two files in your ~/.ssh directory called: id_rsa and id_rsa.pub The first: id_rsa is your private key and the second: id_rsa.pub is your public key.
- Now set permissions on your private key:
chmod 700 ~/.ssh chmod 600 ~/.ssh/id_rsa
- Copy the public key (id_rsa.pub) to the server and install it to the authorized_keys list:
cat id_rsa.pub >> ~/.ssh/authorized_keys
Note: once you’ve imported the public key, you can delete it from the server.
- Set file permissions on the server:
chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys
The above permissions are required if StrictModes is set to yes in /etc/ssh/sshd_config (the default).
- Ensure the correct SELinux contexts are set:
restorecon -Rv ~/.ssh
Now when you login to the server you shouldn’t be prompted for a password (unless you entered a passphrase). By default, ssh will first try to authenticate using keys. If no keys are found or authentication fails, then ssh will fall back to conventional password authentication.
NOTE: If you want access to and from some servers you would need to complete this process on each “client setver” and “master server”
If you have any issues with setting this up, please get in touch.