Here I'm going to explain an specific way: set up a ssh authentication without the need of passphrase.
You should know that it can decrease the security, but it wouldn't be a problem when the requirement is needing it.
So, our goal for now would be to configure a way that lets the agent that's using SSH authentication log in
a machine via automation jobs, for instance cron jobs.
Our requirement for now is described in the scenario below:
- The client has to connect to the server via SSH.
- The connection is fired by a cron job
- The client doesn't have to provide any SSH password or even a passphrase.
In order to make these requirements working you can follow the following steps:
* log in the client and execute the following command
$client ssh-keygen -P '' -t rsa1
you shou accept the default and the result should be as follows:
Your identification has been saved in /homes/username/.ssh/identity.
Your public key has been saved in /homes/username/.ssh/identity.pub.
The key fingerprint is: 6c:96:8c:a8:86:1b:3b:eb:1b:48:8d:3d:8d:c1:4f:dc
username@server.name
* then, send the public key that you have just created to the server
$client scp /homes/username/.ssh/identity.pub username@server:/home/username
* log in the server and add the public keys to your authorized_keys file
If that file already exists, you need to append to it instead of overwriting it.
$server cat ~/identity.pub >> ~/.ssh/authorized_keys
$server chmod 711 ~/.ssh
$server chmod 644 ~/.ssh/authorized_keys
Be careful to not type ">" rather than ">>" because you would overwrite the keys that are already stored there.
* don't forget to delete the public key after you'd added it to your authorized_keys
$server unlink identity.pub
* testing
It should access the server without ask for the username's password or even the ssh phrasecode.