0

I am trying to accomplish passwordless ssh-ing from root. To be clear, I want to log in from the local machine at root to a /home/user folder on remote. Have established the connection between user@local to user@remote, but can't figure out how to allow root to connect.

knl
  • 127
  • 1
  • 2
  • 8
  • You reall do not need to do that as host will be added if you run ssh are root. To copy the file `cp ~user/.ssh/.known_hosts /root/.ssh` – Panther Jun 09 '15 at 23:17
  • 1
    possible duplicate of [How can I set up password-less SSH login?](http://askubuntu.com/questions/46930/how-can-i-set-up-password-less-ssh-login) ....replace the user to `root`.. – heemayl Jun 09 '15 at 23:44
  • 1
    Can not recommend connecting (as **root**) over SSH. *You may also be having issues with SSH config settings that prevent this type of access.* If you can explain why you really need this, I may be able to help. – david6 Jun 10 '15 at 01:44
  • Need to passively move regularly generated files to another computer. – knl Jun 10 '15 at 01:51

1 Answers1

1

First of all, known_hosts is not the file that you want to copy. That is just a list of all the systems that have been connected to to check if the system might have changed or a man-in-the-middle attack is being attempted.

For password less connections, you need a id_rsa file in .ssh folder. You can copy the file and make sure is has the correct permissions. 600 for the file

or better, create a new key for root to use. sudo up to root. create the key and then copy the id_rsa.pub contents to the authorized_keys on the remote system. there are steps in the link below.

ssh-keygen -t rsa

ssh - without password

Or create your key as Root then use ssh-copy-id command, it will add the files where they need to be. ssh-copy-id user@hostname.example.com

grag42
  • 226
  • 1
  • 6
  • I did create a new key under root and copied it to remote, but the script calling ssh to the remote asks for the passphrase each iteration. How do I avoid this? Just skip the passphrase on the root keyset? – knl Jun 09 '15 at 23:21
  • Yes. you can skip the passphrase part. – grag42 Jun 09 '15 at 23:22
  • Is the passphrase a 'paranoid' level of security? I don't want to skimp on useful levels of security. – knl Jun 09 '15 at 23:24
  • It is not really a paranoid level of security, as you just replaced your password with a txt file, that if someone gets access on the system can then access to all other systesms. With ssh-add and ssh-agent, you can use the passphrase to unlock the authentication keys so not everyone can use them, but you will only have to enter it one time. – grag42 Jun 09 '15 at 23:27
  • 1
    https://help.github.com/articles/working-with-ssh-key-passphrases/ – grag42 Jun 09 '15 at 23:28
  • so how do i enter my passphrase the one time if it's an autostart root login? – knl Jun 10 '15 at 00:57
  • 1
    That I am unsure of how to do. except in plain text format. normally you should never run as root. unless absolutely necessary. why not create a user with appropriate permissions on both systems. and use that user instead of root. – grag42 Jun 10 '15 at 03:36