Steve's random ramblings and technical notes

Thursday, June 09, 2005

SSH - Automagic Login HowTo

After much trial-and-error accompanied by numerous searches on Google, I was finally able to automate an SSH login to my Linux serverusing a public-key.
You might be thinking, "Why would I need to do this, can't you just type a password?" Well sure, that's what I've been doing for years. My need for automation on this box is for daily backup of documents from one machine to another using Unison.
Of course, there is documentation in Unison that mentions the ability to do an automatic login but it doesn't give a lot of details (and in fact, other sites just mention that it's difficult and leave it at that).
Now I, never being one to shirk a challenge, decided to give it a go and write down all the nitty-gritty details so others would be able to get their login working much more quickly. I'll assume you're familiar with downloading, moving and renaming files in both Windows and Linux. These steps were done on machines running Windows XP and TinySofa Enterprise Server. So hold on to your hat, here goes... (and remember YMMV)

  1. Download the required software to each machine:
    • OpenSSH for Windows (the linux box already has it)
    • Unison
    • The Windows and Linux binaries must be the same version (2.12.15 at the time of writing)
  2. Install OpenSSH on your Windows machine (you don't need to start the SSH server for this procedure)
    • I already had a newer version of cygwin1.dll in my path, so I copied the following files to that directory (c:\bin) to avoid an error regarding multiple cygwin1.dll versions.
      • cygcrypto-0.9.7.dll
      • cygiconv-2.dll
      • cygminires.dll
      • cygz.dll
      • ssh.exe
  3. Copy the downloaded Unison executable to C:\Winnt (or some other directory in your path) with a filename of unison.exe
    • copy unison-2.12.15-win-text.exe c:\bin\unison.exe
  4. On the Linux box, we'll make Unison executable and copy it to a directory in it's path.
    • bunzip2 unison-2.12.15-linux-text.bz2
    • chmod +x unison-2.12.15-linux-text
    • cp unison-2.12.15-linux-text /usr/local/bin/unison
    • To verify that it's the first copy in your path, type "unison -version" and make sure the version reported is what you just installed.
  5. Create your SSH key with no passphrase
    • ssh-keygen -b 1024 -t rsa -f "key-filename"
    • leave the passphrase empty
    • cat "key-filename".pub >> .ssh/authorized_keys
    • this appends the new key to your authorized_keys file or creates it if needed
  6. Copy the private and public keys back to your Windows machine (I like WinSCP3 for things like this).
  7. Look through the Unison documentation for the location of your default.prf file and add the following line at the end of the file:
    • sshargs = -l your_username -i c:\path\to\your\key\"key_filename"
If you want to use Putty, WinSCP or some other SSH application with this method, just scan through their documentation for something like "automatic login" or "public key" and follow their directions using the keys generated in step 5 above. For each machine you log in to, just do step 5.2 to add your public key on that machine.

Note, I tried generating the ssh-key with Putty keygen on the Windows machine, but it apparently didn't format the public key correctly for the authorized_keys file. However, after removing carriage-returns and adding "ssh-rsa" to the beginning and my username to the end of the appropriate line, I was able to use the key generated by Putty. Each key should be just one line in the authorized_keys file and its format looks like
ssh-rsa some-long-and-seemingly-random-sequence-of-characters=
with spaces before and after the actual key.

Update: 7/21/2005 - I found a related troubleshooting page here.

    Comments: Post a Comment

    << Home

    This page is powered by Blogger. Isn't yours?