i want to login via ssh without password using root account. I have problem with /etc/ssh/sshd_config file. I set: PermitRootLogin without-password and StrctMode no but it doesn't work (i have to enter passphrase to key)
I have Ubuntu 16.04.
Asked
Active
Viewed 1.7k times
1
-
2The accepted answer on that question is horrible, poorly written with unnecessary use of root and no information on how to transfer keys. – Panther Aug 14 '17 at 16:48
-
@bodhi.zazen I agree with you 100%. I hated what it said, and maybe I should not have put it as a duplicate. Even the answers below are missing what you wrote. Maybe we need to merge that question with this one? I have done the root logins before and I have used your method so I know it works. =) – Terrance Aug 14 '17 at 17:00
-
Cant really do much by leave a comment or perhaps flag the question / answer. It has so many upvotes it would take a lot of down votes to change. – Panther Aug 14 '17 at 17:04
-
@bodhi.zazen Maybe we can helpful flag your comment there to help bring attention back to that answer? =) – Terrance Aug 14 '17 at 17:11
-
Not sure why this question was down voted. – Panther Aug 14 '17 at 17:35
1 Answers
0
First the option "PermitRootLogin without-password" does not do what you think it does. This option does not allow you to log in without a password, it allows you to log in as root via any method other then password authentication.
Typically this would be ssh keys, but could include other methods such as kerberos.
Second, I highly suggest you continue to login as root with a key with a password. If you do not want to enter a password every time, add it to ssh agent. On the command line this would be ssh-add ~/.ssh/key_name. This is a one time entry of your key password and subsequently you do not need to enter a password.
After the above command you can simply
ssh root@server
If you want a key without a password , make a new key with an empty password on the client machine.
ssh-keygen
When it asks you for a password, just hit the Enter key without entering a password.
I suggest you give it a name rather then using the default.
You transfer the key with ssh-copy-id (you will need to log in to the server as root with a password to transfer the key).
ssh-copy-id -i ~/.ssh/your_key.pub root@server
You can then ssh in without a password
ssh -i ~/.ssh/your_key root@server
Once the key is working, go ahead and disable password authentication again.
Panther
- 102,067