How-to: Setup SSH passwordless root login on UCS servers

How to setup SSH passwordless root login

Environment

UCS 4.4 and UCS 5

Preparation

Step 1: Check for existing SSH key pair

Check if a key is already existing:

ls -al ~/.ssh/id_*.pub

If there is an existing key you can try to use that one. Jump to Step 3.

Step 2: Generate a new SSH key pair

ssh-keygen -t rsa -b 4096

If you have found an existing key, use a different name. If not you can use the default one or you name it like you want. Do not enter a passphrase.

Activate passwordless login on the servers

ssh-copy-id -i .ssh/<PUBLIC-keyname> root@server_ip_address

Ensure you use the public key name! If you have name the id_rsa, the public one is named id_rsa.pub!
You need to enter the root password on the external server to transfer the key

Verify the passwordless login

ssh remote_username@server_ip_address

You should get connected without password. If you used an existing key and you are asked for the passphrase of the key, you need to start over an generate one without a passphrase.

Remove the passwordless login again

If you want to deactivate the passwordless login on a server, you need to remove the line that contains the public key of the host you want to remove the login from.
Get public key on the server you want to remove the passwordless access from do

cat .ssh/id_rsa.pub

on that host and go to the server you want to remove the access to and

vi .ssh/authorized_keys

search the line that contains the key; in the end of every line the remote host is named it could help to search the hostname of the host you want to remove the passwordless access from

Mastodon