|
|
Sponsored Content
Top Forums
UNIX for Beginners Questions & Answers
Ssh password
Post 303024473 by Peasant on Tuesday 9th of October 2018 11:07:19 AM
10-09-2018
Moderator
You could have same key for everyone, granulated by group for instance.
If you really want to do it in that fashion, take a look at AuthorizedKeysFiles and Match directive for your SSH server.
It should be doable, in a way when user is created and belonging to a group and has public key to login without additional intervention, since the key is effectively per group configured globally on ssh server.
I have not tested this scenario, nor used it and hopefully i understood the requirement.
Spin up couple of vm boxes and give it a shot
Regards
Peasant.
If you really want to do it in that fashion, take a look at AuthorizedKeysFiles and Match directive for your SSH server.
It should be doable, in a way when user is created and belonging to a group and has public key to login without additional intervention, since the key is effectively per group configured globally on ssh server.
I have not tested this scenario, nor used it and hopefully i understood the requirement.
Spin up couple of vm boxes and give it a shot
Regards
Peasant.
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello all,
I would like to know if anyone had ever set up a network in which they used DHCP and OPENSSH with no password. I can configure my ssh files to allow me to enter any machine without a password as long as I have generated the public and private keysa nd store them in my .ssh/aut... ... (3 Replies)
Discussion started by: larryase
3 Replies
2. UNIX for Advanced & Expert Users
Hi,
Can anybody tell me a way to do ssh , without prompting for password from keyboard, Using RSA. The requirement is I need to create the key , using passphrase also.....
Is there any way to do it in UNIX ?
I am doing it from AIX machine , but remote machine is Linux
I tried... (8 Replies)
Discussion started by: shihabvk
8 Replies
3. HP-UX
Hi,
I have the necessity to run a korn shell on a remote server (both HP-UX servers) using the ssh command.
The sintax that I use is
ssh -l <remote user> <IP address of remote host> command(ksh script)
Pressing enter I need to set the password of the remote user. Is it possible to... (2 Replies)
Discussion started by: gio123bg
2 Replies
4. Solaris
Hi Gurus
I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails.
Resetting my password reenables the keys.
Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies
5. Shell Programming and Scripting
Please help me
I want connect to orther server using ssh. But I need to transfer password also without entering when it is prompts. Please help me. (1 Reply)
Discussion started by: saga499
1 Replies
6. UNIX for Dummies Questions & Answers
How to setup SSH to not require a password when establishing an SSH connection from server A to server B for particular user? (4 Replies)
Discussion started by: sam101
4 Replies
7. Solaris
I am working on Solaris 10 Sparc.
While ssh trust relation building for SUN-CLUSTER on server,
I am facing issue.
I can log in from server2 to serer1 direactly
but when i log in to server1 from server2 it prompts password.
root@app1 # ssh app2
Last login: Wed Jul 27 14:08:14 2011... (0 Replies)
Discussion started by: anand87
0 Replies
8. Red Hat
Hi,
I am trying to generate ssh without having to type a password.
I have done this on numerous occasions using the procedure below and it has worked fine but not on this occasion.
user1@sys1:ssh-keygen -t dsa -N ""
<press enter for any questions>
user1@sys1: ll .ssh/id_dsa.pub... (16 Replies)
Discussion started by: Duffs22
16 Replies
9. Shell Programming and Scripting
Hello Guys,
I have a specific requirement where I need to provide password to ssh and sftp in my script on Solaris.
I know password-less connection is the way without password but in my case, I cant use the same due to some limitations.
Please let me know if we can tweak it. (7 Replies)
Discussion started by: Deei
7 Replies
10. Red Hat
Hello Experts,
when I am trying to connect my target server through sftp after creating ssh password less setup, it is asking for passowrd to connect.
to setup this I followed below process:
-->generated keys by executing the command "ssh-keygen -t rsa"
-->this created my .ssh directory... (9 Replies)
Discussion started by: Devipriya Ch
9 Replies
LEARN ABOUT DEBIAN
puttygen
puttygen(1) PuTTY tool suite puttygen(1) NAME
puttygen - public-key generator for the PuTTY tools SYNOPSIS
puttygen ( keyfile | -t keytype [ -b bits ] ) [ -C new-comment ] [ -P ] [ -q ] [ -O output-type | -l | -L | -p ] [ -o output-file ] DESCRIPTION
puttygen is a tool to generate and manipulate SSH public and private key pairs. It is part of the PuTTY suite, although it can also inter- operate with the private key formats used by some other SSH clients. When you run puttygen, it does three things. Firstly, it either loads an existing key file (if you specified keyfile), or generates a new key (if you specified keytype). Then, it optionally makes modifications to the key (changing the comment and/or the passphrase); finally, it outputs the key, or some information about the key, to a file. All three of these phases are controlled by the options described in the following section. OPTIONS
In the first phase, puttygen either loads or generates a key. Note that generating a key requires random data (from /dev/random), which can cause puttygen to pause, possibly for some time if your system does not have much randomness available. The options to control this phase are: keyfile Specify a private key file to be loaded. This private key file can be in the (de facto standard) SSH-1 key format, or in PuTTY's SSH-2 key format, or in either of the SSH-2 private key formats used by OpenSSH and ssh.com's implementation. -t keytype Specify a type of key to generate. The acceptable values here are rsa and dsa (to generate SSH-2 keys), and rsa1 (to generate SSH-1 keys). -b bits Specify the size of the key to generate, in bits. Default is 1024. -q Suppress the progress display when generating a new key. In the second phase, puttygen optionally alters properties of the key it has loaded or generated. The options to control this are: -C new-comment Specify a comment string to describe the key. This comment string will be used by PuTTY to identify the key to you (when asking you to enter the passphrase, for example, so that you know which passphrase to type). -P Indicate that you want to change the key's passphrase. This is automatic when you are generating a new key, but not when you are modifying an existing key. In the third phase, puttygen saves the key or information about it. The options to control this are: -O output-type Specify the type of output you want puttygen to produce. Acceptable options are: private Save the private key in a format usable by PuTTY. This will either be the standard SSH-1 key format, or PuTTY's own SSH-2 key format. public Save the public key only. For SSH-1 keys, the standard public key format will be used (`1024 37 5698745...'). For SSH-2 keys, the public key will be output in the format specified by RFC 4716, which is a multi-line text file beginning with the line `---- BEGIN SSH2 PUBLIC KEY ----'. public-openssh Save the public key only, in a format usable by OpenSSH. For SSH-1 keys, this output format behaves identically to public. For SSH-2 keys, the public key will be output in the OpenSSH format, which is a single line (`ssh-rsa AAAAB3NzaC1yc2...'). fingerprint Print the fingerprint of the public key. All fingerprinting algorithms are believed compatible with OpenSSH. private-openssh Save an SSH-2 private key in OpenSSH's format. This option is not permitted for SSH-1 keys. private-sshcom Save an SSH-2 private key in ssh.com's format. This option is not permitted for SSH-1 keys. If no output type is specified, the default is private. -o output-file Specify the file where puttygen should write its output. If this option is not specified, puttygen will assume you want to overwrite the original file if the input and output file types are the same (changing a comment or passphrase), and will assume you want to output to stdout if you are asking for a public key or fingerprint. Otherwise, the -o option is required. -l Synonym for `-O fingerprint'. -L Synonym for `-O public-openssh'. -p Synonym for `-O public'. The following options do not run PuTTYgen as normal, but print informational messages and then quit: -h, --help Display a message summarizing the available options. -V, --version Display the version of PuTTYgen. --pgpfp Display the fingerprints of the PuTTY PGP Master Keys, to aid in verifying new files released by the PuTTY team. EXAMPLES
To generate an SSH-2 RSA key pair and save it in PuTTY's own format (you will be prompted for the passphrase): puttygen -t rsa -C "my home key" -o mykey.ppk To generate a larger (2048-bit) key: puttygen -t rsa -b 2048 -C "my home key" -o mykey.ppk To change the passphrase on a key (you will be prompted for the old and new passphrases): puttygen -P mykey.ppk To change the comment on a key: puttygen -C "new comment" mykey.ppk To convert a key into OpenSSH's private key format: puttygen mykey.ppk -O private-openssh -o my-openssh-key To convert a key from another format (puttygen will automatically detect the input key type): puttygen my-ssh.com-key -o mykey.ppk To display the fingerprint of a key (some key types require a passphrase to extract even this much information): puttygen -l mykey.ppk To add the OpenSSH-format public half of a key to your authorised keys file: puttygen -L mykey.ppk >> $HOME/.ssh/authorized_keys BUGS
There's currently no way to supply passphrases in batch mode, or even just to specify that you don't want a passphrase at all. PuTTY tool suite 2004-03-24 puttygen(1)