In some certain reason, password less authentication is require on remote machine which helps to access the remote machine without entering the password for login, deployment and management purpose.
This article describes How to Configure Password Less Authentication on CentOS8.
Step 1 User Creation: Run the following command to create a separate user for password less authentication and set password:
[[email protected] ~]# adduser ansible-user
[[email protected] ~]# passwd ansible-user
Changing password for user ansible-user.
BAD PASSWORD: The password contains the user name in some form
Retype new password:
passwd: all authentication tokens updated successfully.
[[email protected] ~]#
Step 2. Generate SSH Key: Switch with the user and generate random SSH RSA key on source machine:
[[email protected] ~]# su – ansible-user
[[email protected] ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/ansible-user/.ssh/id_rsa):
Created directory ‘/home/ansible-user/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ansible-user/.ssh/id_rsa.
Your public key has been saved in /home/ansible-user/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:pox4pH3JyeYDlCB51KiyhXn5DNm6sO8SSCgW9XB4V/U [email protected]
The key’s randomart image is:
| oo=.. …. |
|o.+.=. . . |
|.*.=.o. E |
|Bo* + |
|*+ *. S |
|= .=+= = |
| +o.+.X |
|o .. +. |
| +o .. |
Step 3. Copy SSH Key: Copy the key to the remote machine using ssh-copy-id command:
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/home/ansible-user/.ssh/id_rsa.pub”
The authenticity of host ‘192.168.43.30 (192.168.43.30)’ can’t be established.
ECDSA key fingerprint is SHA256:MkomPfEhQowbzv64aX34auq0zi7NDZKaCJId3vO4ay8.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
[email protected]’s password:
Number of key(s) added: 1
Now try logging into the machine, with: “ssh ‘[email protected]′”
and check to make sure that only the key(s) you wanted were added.
Step 4. Verify Password Less Login: Run the following command to validate password less login on remote machine:
[[email protected] ~]$ hostname
Done! Password less authentication and login configured successfully.