Remote SSH Login Without Password, Execute Command Via SSH and Backup Up Data Using Rsync

By | October 21, 2009

Remote SSH Login Without Password, Execute Command Via SSH and Backup Data Using Rsync

Secure Shell or SSH is a network protocol that allows encrypted data transfer and password between networks. SSH protocol is commonly used for remote server management. It gives us safe and secure path to work on remote machines.

Each time while we access a remote machine via ssh protocol, we need to manually enter the password. This would be a tough job during the repeated access. More server logins are easier via ssh key pair. This technology doesn’t require password for login. Private and public keys are used for this purpose. It is important to keep your keys secure, otherwise our server get hacked by others.

We use ssh key pair for remote login and execution of commands via ssh.

First check whether SSH keys are present.

# ls ~/.ssh/

If not generate new SSH keys.

# ssh-keygen -t dsa

Output

Generating public/private dsa key pair.

Enter file in which to save the key (/root/.ssh/id_dsa):

Enter passphrase (empty for no passphrase): NewPassword

Enter same passphrase again: NewPassword

Your identification has been saved in /root/.ssh/id_dsa.

Your public key has been saved in /root/.ssh/id_dsa.pub.

The key fingerprint is:

2d:25:2d:39:88:63:3d:97:56:4a:75:af:f9:1e:0c:29 root@jmj.talk2melbin.com

* Generate SSH pair using new password.

* Don’t use the same root password.

Secure SSH folder with permission.

# chmod 755 ~/.ssh/

Copy the generated id_dsa.pub to remote server. Using “ssh-copy-id” is secure than “scp” command.

# ssh-copy-id -i ~/.ssh/id_dsa.pub root@remoteserver

Output

ssh key pair generation

Now try logging into the machine, with “ssh ‘root@remoteserver'”, and check in:

.ssh/authorized_keys

to make sure we haven’t added extra keys that you weren’t expecting.

Login into remote server.

# ssh remote server

Prompt ask for password. Enter the password used during the generation of SSH key.

Output

Enter passphrase for key ‘/root/.ssh/id_dsa':

Security can increase using SSH Agent

SSH Remote Login Without Password.

check the status of identities,

# ssh-add -L

output

The agent has no identities.

Add ssh identities

# ssh-add

output

Enter passphrase for /root/.ssh/id_dsa:

Identity added: /root/.ssh/id_dsa (/root/.ssh/id_dsa)

After adding check the status using,

# ssh-add -L

Output

ssh-dss AAAAB3NzaC1kc3MAAACBALrFcmm ……….= /root/.ssh/id_dsa

Now happily login remote server without password.

# ssh user@remoteserver

Execute Command On Remote Server via SSH

We are able to run commands on remote server without login. Some examples are given below,

# ssh root@remoteserver 'ps -ef | grep apache | grep -v grep | wc -l'

Output

8

ssh root@remoteserver 'top -b -n 1 | head -n 10'

Output

top – 21:29:08 up 53 days, 23:30, 3 users, load average: 0.15, 0.07, 0.01

Tasks: 107 total, 1 running, 106 sleeping, 0 stopped, 0 zombie

Cpu(s): 0.2%us, 0.1%sy, 0.0%ni, 99.0%id, 0.4%wa, 0.1%hi, 0.2%si, 0.0%st

Mem: 4037612k total, 4009164k used, 28448k free, 236620k buffers

Swap: 4096496k total, 144k used, 4096352k free, 3297004k cached

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND

1 root 15 0 10344 684 572 S 0.0 0.0 0:04.59 init

2 root RT -5 0 0 0 S 0.0 0.0 0:00.38 migration/0

3 root 34 19 0 0 0 S 0.0 0.0 0:02.03 ksoftirqd/0

Small Backup Script Using RSYNC

Script is scheduled on the backup storage machine via crontab.

Ruining the script will help to backup MySQL folder from remote server to another. This keep a backup copy of MySQL root folder of another machine. Logs are generated to view the data transfer between the server with actual date.

#/bin/bash echo "-------------------------------------------------------------------------------------------------" >> /var/BACKUP/secure/log/mysql.log /bin/date >> /var/BACKUP/secure/log/mysql.log rsync -avz -e "ssh -i /root/.ssh/id_dsa" root@remoteserverip:/var/lib/mysql /var/BACKUP/secure/ >> /var/BACKUP/secure/log/mysql.log

root@remoteserverip:/var/lib/mysql ; is remote server from where we took MySQL folder backup and /var/BACKUP/secure/ ; is the backup location to where we store the backup.

Cheers!

Melbin Mathew

www.talk2melbin.com

Melbin Mathew

I am Melbin Mathew, Systems Engineer from Kerala, India. I live with my parents, daughter and my wonderful wife. I graduated in 2004 with a bachelor’s degree in Electronics and Hardware from Mahatma Gandhi University, Kottayam and completed certification in MCITP, RHCE, CCNA, VCP ...Read More
Category: Linux Scripts

About Melbin Mathew

I am Melbin Mathew, Systems Engineer from Kerala, India. I live with my parents, daughter and my wonderful wife. I graduated in 2004 with a bachelor’s degree in Electronics and Hardware from Mahatma Gandhi University, Kottayam and completed certification in MCITP, RHCE, CCNA, VCP ...Read More