linux — use public key authentication to log into ssh

what to do if you want to automate run rsync over ssh without specify any password to backup data?well the only way to access remote ssh server without password is to use pubkey authentication.

First,on the ssh server you need to login,config it to accept pubkey authentication:

vi /etc/ssh/sshd_config

comment out the line PubkeyAuthentication yes and restart sshd dameon:

/etc/init.d/sshd restart

Second, go to the client server,the one you need to bakup.issue the command ssh-keygen to generate a public and private keypair:

# ssh-keygen

press enter without setting any passphrase,.Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub. Copy the content of id_rsa.pub file and paste it to the backup user’s authorized_keys file on the ssh server. if the you use root user,then you need to stored the pub key to /root/.ssh/authorized_keys.This file store all authorized keys for all clients,each line for each client server.It looks like

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAtjz9QhNQQAqDB/KoiiPLdI2aYyWWuw5QCRqsv+JmdWqWxWivfxCnG+LXw9V/jBpvGFCW4wCwIlO0pq/HGMfts2rjCElWvaeZiDuIwR38TCVbPDzl670MRcWjvp+Gy3IIkrkI7J419VNeCEuGria5t4THdHI4Gsz21nSUbFyko5E= rsa-key-20120510

Third, now you can rsync via ssh without specify ssh password for the user.ie

rsync -avze ‘ ssh -p9998 ‘/home/www/abc.comĀ  root@ip:~/bak

Leave a Reply

Your email address will not be published. Required fields are marked *

*


seven + 5 =

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>