So now you have key-based authentication setup for remote administration of your servers and you really want to crank up the laziness factor.
Remembering a password sucks, especially if you’ve eliminated them for logons. Now you only need it for sudo commands, right? NOT AFTER THIS DANDY!!
Every time you need to run something that requires root privileges, you have to type sudo and then your password if you haven’t used the command recently.
Lets quit beating around the bush and get some work done.
~$ sudo visudo
If your user name isn’t already in the config, scroll down and add this line at the bottom. If it is, just modify it to fit this format (specifically the NOPASSWD: )
username ALL=NOPASSWD: ALL
Then save it and quit. Now your good to go! No more pesky password.
This makes your private key very important to protect, especially if you didn’t put a passphrase on it.
Windows = Still Exists
Administration from Windows of Linux = Putty
Key-based authentication from Putty = Puttygen
Launch the key generator included with Putty called PuTTYgen.
Click Generate. Move the mouse around for some good ol random numbers.
Stick a passphrase on it if you’re feeling insecure about yourself.
Save the public key somewhere and save the private key somewhere too. (Both are required for a good time.)
Before you close the program, copy the prepared public key to the clipboard from the box in PuTTYgen that has been prepared for the authorized_keys file.
Open an ssh session to the machine you’re administering.
~$ cat >> ~./ssh/authorized_keys
Then paste your key in there, hit enter, and press CTRL-C.
Now create a new session in PuTTY.
Go to Connection > Data and put in your Auto-login username that you just appended the public key to.
Then go to Connection > SSH > Auth and put the path of your private key in the box.
Then go back up to Session. Put the address or host name of your machine in the Host Name box, stick a name in Saved Sessions and hit Save.
Now you can double-click on it for instant satisfaction of authentication.
Sometimes I feel like Linux hasn’t been accepted publicly because people are concerned about getting their public ssh key appended to the authorized_keys file on the servers they are trying to administer. They think they have to scp it over, then ssh in, and finally append it to the correct file.
It’s such a shame because it can easily be accomplished with this one command.
ssh email@example.com “cat >> ~/.ssh/authorized_keys” < ~/.ssh/id_rsa.pub
This executes the cat command on the remote server and takes the input from the local ~/.ssh/id_rsa.pub file.
If you don’t have an id_rsa.pub file, run the following command and follow the instructions.
ssh-keygen -t rsa
Once you’re authorized, you wont have to type a password to log on to that server anymore. However, you will still need it for sudo commands.