Skip to main content

Linux: how to ssh login without password

There are 2 Linux hosts: 001 and 002. User 'tuyendq' wants to ssh login from 001 to 002 without entering password.

Generate ssh key pair on 001 host

[tuyendq@001 ~]$ ssh-keygen -t rsa

Remotely create ~/.ssh directory on 002 host

[tuyendq@001 ~]$ ssh tuyendq@002.practicehabits.net mkdir -p .ssh

Remotely append .ssh/id_rsa.pub file content to .ssh/authorized_keys file on 002 host

[tuyendq@001 ~]$ cat .ssh/id_rsa.pub | ssh tuyendq@002.practicehabits.net 'cat >> .ssh/authorized_keys'

Try ssh from 001 host to 002 host without enter password

[tuyendq@001 ~]$ ssh tuyendq@002.practicehabits.net

$ exit
Connection to 002.practicehabits.net closed.
[tuyendq@001 ~]$

Host key verification failed

C:\Users\Tuyen>ssh 192.168.64.141
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:mad5gNQXpUJ0Iro8Ycfz7+AUsm7+mqEyxSlL8Ro6FqU.
Please contact your system administrator.
Add correct host key in C:\\Users\\Tuyen/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in C:\\Users\\Tuyen/.ssh/known_hosts:10
ECDSA host key for 192.168.64.141 has changed and you have requested strict checking.
Host key verification failed.

One way to remove line 10 from known_hosts file

C:\Users\Tuyen>ssh-keygen -R 192.168.64.141
# Host 192.168.64.141 found: line 10
C:\Users\Tuyen/.ssh/known_hosts updated.
Original contents retained as C:\Users\Tuyen/.ssh/known_hosts.old

C:\Users\Tuyen>ssh 192.168.64.141
The authenticity of host '192.168.64.141 (192.168.64.141)' can't be established.
ECDSA key fingerprint is SHA256:mad5gNQXpUJ0Iro8Ycfz7+AUsm7+mqEyxSlL8Ro6FqU.
Are you sure you want to continue connecting (yes/no)?

Another way to remove line 10 from known_hosts file

C:\Users\Tuyen>sed -i '10d' .ssh/known_hosts
Labels:

Popular posts from this blog

Powershell: Enable Firewall Log

We sometimes need to enable Windows firewall's log to troubleshoot. Here is how.
Read more

Powershell: head and tail command

Use head or tail to skim the first or last 5 lines.
Read more

[Microsoft Outlook]: Set .pst and .ost files location with ForcePSTPath Registry Key

Set .pst and .ost files location with ForcePSTPath Registry Key The ForcePSTPath registry key is supported by Microsoft Outlook 2003 and later. In Microsoft Outlook 2003 and 2007, it applies to new profiles only. Microsoft Outlook 2013 and Outlook 2016 it applies to new accounts created in a profile. Microsoft Outlook 2013 saves .pst in   %userprofile%\Documents\Outlook Files folder by default. We can change that default setting by adding a new string registry key called ForcePSTPath and set the value to the folder that we want to save those files. Set Microsoft Outlook 2013 always save new .pst and .ost files to D:\Data\Mail folder OST file reached the maximum size The OST File Has Reached The Maximum Size
Read more