Thursday, March 15, 2007

keychain rocks!

do you ever feel tired to key in your password or passphrase every time you want to ssh into your servers OR you need to run automate jobs (cron job) to ssh into specific servers but unfortunately unable to do it since you still need to key in your password or passphrase manually. well worry no more, here come the solution: use keychain!

first of all you'll need to setup the authentication using public key instead. then download the keychain from http://dev.gentoo.org/~agriffis/keychain/ & install the keychain into your Linux workstation.

ashterix@desktop:/home/ashterix $ ls -l bin/keychain
-rwx------ 1 ashterix u_026776 53740 Feb 27 08:25 bin/keychain


put this into your .profile or .bash_profile
keychain ~/.ssh/id_rsa
. ~/.keychain/`hostname`-sh


and you're done! the first time your login you'll ask to enter your passphrase of course.

KeyChain 2.6.8; http://www.gentoo.org/proj/en/keychain/
Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL

* Initializing /home/ashterix/.keychain/desktop-sh file...
* Initializing /home/ashterix/.keychain/desktop-csh file...
* Initializing /home/ashterix/.keychain/desktop-fish file...
* Starting ssh-agent
* Adding 1 ssh key(s)...
Enter passphrase for /home/ashterix/.ssh/id_rsa:
Identity added: /home/ashterix/.ssh/id_rsa (/home/ashterix/.ssh/id_rsa)

ashterix@desktop:/home/ashterix $


if you log off & login again, the ssh-agent already there & you no need to key in your passphrase again.

KeyChain 2.6.8; http://www.gentoo.org/proj/en/keychain/
Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL

* Found existing ssh-agent (19507)
* Known ssh key: /home/ashterix/.ssh/id_rsa

ashterix@desktop:/home/ashterix $


then from here you can ssh to any servers without key in the passphrase.
the same if you want to run automate ssh cron jobs, the passphrase automatically loaded, there's no need to key in the passphrase manually. cool eh :)

ashterix@desktop:/home/ashterix $ ssh server

ashterix@server :/home/ashterix $


for more info read here:
http://www-128.ibm.com/developerworks/library/l-keyc2/
http://www.gentoo.org/proj/en/keychain/index.xml
http://www.gentoo.org/doc/en/keychain-guide.xml

4 comments:

Anonymous said...

Hahaha..kena marah dgn abah baru nak update blog.

singautara said...

kekekekekekeke....
mana gambaq awana ganu nih?...hehe

Red Mummy said...

nak gambo tgk le kat blog kak red

blog ni tempat buat kerojer je...

singautara said...

dah tgk dah....kak red beli laa nikkon d200 baru gambaq cunnn melecunnn...hehe