HOWTO: Generating SSH Keys for Passwordless Login

ISSUE:

SSH with a passphrase will prompt the user for a password when connecting to the remote host.

INFO:

Hadoop needs to be able to establish secure shell connections without passing a passphrase.  Alternatively, one could setup the ssh-agent which is inherently more secure, but which requires password entry at least once when the agent daemon is first started up.

This article reviews how to setup a key with no password

SOLUTION 1: Connection to different host(s)

on the host you will connect FROM:

generate the public private keys

> ssh-keygen -t dsa -P ” -f ~/.ssh/id_dsa

copy the public key to every host you will connect TO:

> scp ~/.ssh/id_dsa.pub my_user_id@1.2.3.4:~/.ssh/id_dsa.pub

* this should prompt you for a password

shell into the remote machine

> ssh my_user_id@1.2.3.4

authorize the key by adding it to the list of authorized keys

> cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys

log out of the current shell

> exit

test that you can log in with no password

ssh -i ~/.ssh/id_dsa 1.2.3.4

if this prompts for a password

> ensure the remote user is the owner of the pub key

SOLUTION 2: connection to localhost

generate the public private keys

> ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa

authorize the key by adding it to the list of authorized keys

> cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys

test that you can log in with no password

> ssh localhost

check to make sure this works (doesn’t prompt for password)…

Tags: passwordless, ssh Read More »