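#!/bin/bash
#
# ********************************************************
#* Copyright (c) Scarlet Line 2010
#* Created on 2010-01-01 by Kevin Shepherd
#* $URL$
#* $Id$
#**********************************************************/
#** \file ssh-pwd
# \brief Script to securely remove the need to type ssh passwords.
#
# This script uses public/private key encryption to authorize the
# local host to connect securely to the remote host via ssh.
# Documented at: http://www.scarletline.com/howto/remove_ssh_password.html
# filename: ssh-pwd
#
# Usage: ssh-pwd REMOTEHOST [REMOTEUSER]
#   REMOTEHOST  host name of the remote computer (required)
#   REMOTEUSER  account on the remote computer (defaults to the local user)
#
# Security notes for whoever runs or adapts this script:
#  - The key pair is generated with an EMPTY passphrase (-N ""), so the
#    private key ~/.ssh/id_rsa is stored unencrypted. Anyone who can read
#    that file can log in as REMOTEUSER on every host that trusts it.
#    A passphrase-protected key loaded into ssh-agent gives the same
#    "no typing" experience without that exposure.
#  - Host key checking stays interactive (StrictHostKeyChecking=ask). The
#    account password is typed during setup, so the fingerprint shown on
#    first contact should be compared with one obtained out of band before
#    answering "yes".
#  - On the remote side ~/.ssh and authorized_keys are created owner-only.
#
LOCALUSER=$USER               # - your user name at the local computer
LOCALHOST=$HOSTNAME           # - the host name of your local computer
REMOTEHOST=$1                 # - the host name of the remote computer
REMOTEUSER=${2:-$LOCALUSER}   # - the user name that you connect to the remote computer as
# REMOTEPASS                  # - the remote user's password on the remote system
#                               (never stored; ssh/scp prompt for it)

# Print an error on stderr and stop; later steps depend on earlier ones.
die() {
  printf 'ssh-pwd: %s\n' "$*" >&2
  exit 1
}

if [ -z "$REMOTEHOST" ]; then
  echo "Usage: ssh-pwd REMOTEHOST [REMOTEUSER]" >&2
  exit 1
fi

# A host or user beginning with '-' would be parsed by ssh/scp as an option.
case "$REMOTEHOST" in
  -*) die "remote host must not start with '-': $REMOTEHOST" ;;
esac
case "$REMOTEUSER" in
  -*) die "remote user must not start with '-': $REMOTEUSER" ;;
esac

# $LOCALHOST becomes part of a command line executed by the remote shell
# (the staged file ~/$LOCALHOST.ssh), so only plain host-name characters
# are accepted.
case "$LOCALHOST" in
  '' | -* | *[!A-Za-z0-9._-]*)
    die "local host name '$LOCALHOST' is not safe to use as a remote file name"
    ;;
esac

TARGET="$REMOTEUSER@$REMOTEHOST"

echo "LOCALUSER=$LOCALUSER - your user name at the local computer"
echo "LOCALHOST=$LOCALHOST - the host name of your local computer"
echo "REMOTEUSER=$REMOTEUSER - the user name as whom you connect to the remote computer"
echo "REMOTEHOST=$REMOTEHOST - the host name of the remote computer"
echo "$LOCALUSER@$LOCALHOST --> $TARGET"

# Set Up Your Local System Once
if [ ! -f ~/.ssh/id_rsa.pub ]; then
  echo "Setting up your local system keys ..."
  echo " ssh-keygen -t rsa -N \"\" -C \"Automatically generated by ssh-pwd\" -f ~/.ssh/id_rsa"
  # NOTE(review): -N "" writes an unencrypted private key; see the header.
  ssh-keygen -t rsa -N "" -C "Automatically generated by ssh-pwd" -f ~/.ssh/id_rsa \
    || die "ssh-keygen failed; no key pair was created"
  # ssh-keygen reports where the identification and public key were saved
  # and prints the key fingerprint.
else
  echo "Keys already exist in ~/.ssh"
fi
echo " ls -l ~/.ssh"
ls -l ~/.ssh
# Expected entries: id_rsa  id_rsa.pub  known_hosts

# Set Up The Remote Host
echo "Setting up remote host ..."
echo " scp -o StrictHostKeyChecking=ask ~/.ssh/id_rsa.pub $TARGET:$LOCALHOST.ssh"
echo " *** When asked for a password, enter that of $TARGET ***"
# Only the PUBLIC key is copied; it is staged as ~/$LOCALHOST.ssh remotely.
scp -o StrictHostKeyChecking=ask ~/.ssh/id_rsa.pub "$TARGET:$LOCALHOST.ssh" \
  || die "could not copy the public key to $TARGET"

# Remote steps, run by the remote user's shell:
#  - umask 077 makes a newly created ~/.ssh 0700 and authorized_keys 0600
#  - '>>' appends when authorized_keys exists and creates it otherwise
#  - chmod 600 tightens a pre-existing authorized_keys as well
REMOTECMD="umask 077; mkdir -p ~/.ssh && cat ~/$LOCALHOST.ssh >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys; ls -l ~/.ssh"
echo " ssh -o StrictHostKeyChecking=ask $TARGET \"$REMOTECMD\""
echo " *** When asked for a password, enter that of $TARGET ***"
ssh -o StrictHostKeyChecking=ask "$TARGET" "$REMOTECMD" \
  || die "could not install the public key on $TARGET"
# The remote listing should show authorized_keys as -rw------- .

echo "Test automatic connection (worked if there are no complaints) ..."
echo " ssh -v $TARGET exit"
# Success looks like a "Last login: ..." line plus any site login banner,
# with no password prompt. The script's exit status is that of this command.
ssh -v "$TARGET" exit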