In some
certain reason, password less authentication is require on remote machine which
helps to access the remote machine without entering the password for login,
deployment and management purpose.
This article describes How to Configure Password Less
Authentication on CentOS8.
Step 1 User Creation: Run the
following command to create a separate user for password less authentication
and set password:
|
[root@LC-Ansible-Master
~]# adduser ansible-user
[root@LC-Ansible-Master
~]# passwd ansible-user
Changing password for
user ansible-user.
New password:
BAD PASSWORD: The
password contains the user name in some form
Retype new password:
passwd: all
authentication tokens updated successfully.
[root@LC-Ansible-Master
~]#
|
Step 2. Generate SSH Key: Switch
with the user and generate random SSH RSA key on source machine:
|
[root@LC-Ansible-Master
~]# su - ansible-user
[ansible-user@LC-Ansible-Master ~]$
[ansible-user@LC-Ansible-Master
~]$ ssh-keygen -t rsa
Generating
public/private rsa key pair.
Enter file in which to
save the key (/home/ansible-user/.ssh/id_rsa):
Created directory
'/home/ansible-user/.ssh'.
Enter passphrase
(empty for no passphrase):
Enter same passphrase
again:
Your identification
has been saved in /home/ansible-user/.ssh/id_rsa.
Your public key has
been saved in /home/ansible-user/.ssh/id_rsa.pub.
The key fingerprint
is:
SHA256:pox4pH3JyeYDlCB51KiyhXn5DNm6sO8SSCgW9XB4V/U
ansible-user@LC-Ansible-Master
The key's randomart
image is:
+---[RSA 2048]----+
| oo=.. ....
|
|o.+.=. . .
|
|.*.=.o. E
|
|Bo* + |
|*+ *. S
|
|= .=+= = |
| +o.+.X |
|o .. +. |
| +o ..
|
+----[SHA256]-----+
[ansible-user@LC-Ansible-Master
~]$
|
Step 3. Copy SSH Key: Copy
the key to the remote machine using ssh-copy-id command:
|
[ansible-user@LC-Ansible-Master
~]$ ssh-copy-id ansible-user@192.168.43.30
/usr/bin/ssh-copy-id:
INFO: Source of key(s) to be installed:
"/home/ansible-user/.ssh/id_rsa.pub"
The authenticity of
host '192.168.43.30 (192.168.43.30)' can't be established.
ECDSA key fingerprint
is SHA256:MkomPfEhQowbzv64aX34auq0zi7NDZKaCJId3vO4ay8.
Are you sure you want
to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id:
INFO: attempting to log in with the new key(s), to filter out any that are
already installed
/usr/bin/ssh-copy-id:
INFO: 1 key(s) remain to be installed -- if you are prompted now it is to
install the new keys
ansible-user@192.168.43.30's
password:
Number of key(s)
added: 1
Now try logging into
the machine, with: "ssh
'ansible-user@192.168.43.30'"
and check to make sure
that only the key(s) you wanted were added.
[ansible-user@LC-Ansible-Master
~]$
|
Step 4. Verify Password Less Login: Run
the following command to validate password less login on remote machine:
|
[ansible-user@LC-Ansible-Master
~]$ ssh
ansible-user@192.168.43.30
[ansible-user@LC-Ansible-Node1
~]$ hostname
LC-Ansible-Node1
[ansible-user@LC-Ansible-Node1
~]$
|
Done!
Password less authentication and login configured successfully.
No comments:
Post a Comment