Skip to main content

Linux: how to ssh login without password

There are 2 Linux hosts: 001 and 002. User 'tuyendq' wants to ssh login from 001 to 002 without entering password.

Generate ssh key pair on 001 host

[tuyendq@001 ~]$ ssh-keygen -t rsa

Remotely create ~/.ssh directory on 002 host

[tuyendq@001 ~]$ ssh tuyendq@002.practicehabits.net mkdir -p .ssh

Remotely append .ssh/id_rsa.pub file content to .ssh/authorized_keys file on 002 host

[tuyendq@001 ~]$ cat .ssh/id_rsa.pub | ssh tuyendq@002.practicehabits.net 'cat >> .ssh/authorized_keys'

Try ssh from 001 host to 002 host without enter password

[tuyendq@001 ~]$ ssh tuyendq@002.practicehabits.net

$ exit
Connection to 002.practicehabits.net closed.
[tuyendq@001 ~]$

Host key verification failed

C:\Users\Tuyen>ssh 192.168.64.141
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:mad5gNQXpUJ0Iro8Ycfz7+AUsm7+mqEyxSlL8Ro6FqU.
Please contact your system administrator.
Add correct host key in C:\\Users\\Tuyen/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in C:\\Users\\Tuyen/.ssh/known_hosts:10
ECDSA host key for 192.168.64.141 has changed and you have requested strict checking.
Host key verification failed.

One way to remove line 10 from known_hosts file

C:\Users\Tuyen>ssh-keygen -R 192.168.64.141
# Host 192.168.64.141 found: line 10
C:\Users\Tuyen/.ssh/known_hosts updated.
Original contents retained as C:\Users\Tuyen/.ssh/known_hosts.old

C:\Users\Tuyen>ssh 192.168.64.141
The authenticity of host '192.168.64.141 (192.168.64.141)' can't be established.
ECDSA key fingerprint is SHA256:mad5gNQXpUJ0Iro8Ycfz7+AUsm7+mqEyxSlL8Ro6FqU.
Are you sure you want to continue connecting (yes/no)?

Another way to remove line 10 from known_hosts file

C:\Users\Tuyen>sed -i '10d' .ssh/known_hosts

Labels

Labels:

Popular posts from this blog

Install Microsoft .NET Core SDK

.NET Core Software Development Kit (SDK) is a set of libraries and tools that allow developers to create .NET Core applications and libraries.
Read more

Wireguard VPN: Notes

Notes while trying Wireguard VPN on some of my testbeds.
Read more