Tag Archives: authentication

Linux SSH auth passwordless using key

Pretty basic, but handy for whoever start playing with Linux.

Here simple steps to follow in order to have box1 to be able to connect securely to box2 over SSH without being required to insert password.
This is very handy if you run scripts ūüėČ

On BOX1

You can run this as any user.

ssh-keygen -b 1024 -t rsa -f id_rsa -P ""

This will generate  ~/.ssh/id_rsa (private key) and  ~/.ssh/id_rsa.pub (public key).
The .pub is the key that needs to be appended in ~/.ssh/authorized_keys on BOX2.

If the following command is available, that’s the best/safest way to setup BOX2.

ssh-copy-id user@box2

Password for user on box2 will be requested.
Once completed, you can try to ssh user@box2 and theoretically you should be able to connect without need to insert the password again!

If ssh-copy-id does not exist (e.g. Mac or other Distros), you can scp the .pub file and append it as per below:

scp ~/.ssh/id_rsa.pub user@box2:/tmp

Then connect to box2 with user and run this:

cat /tmp/id_rsa.pub >> ~/.ssh/authorized_keys
rm -f /tmp/id_rsa.pub

After those 2 commands, the key should be added to the authorised ones, so  ssh user@box2 should work.

NOTE: if you are experiencing issues, please make sure that the permissions of id_rsa file is 600 on BOX1 and that sshd_conf on BOX2 is set to allow key auth connections

Apache .htaccess for website password authentication

Quick notes… the ones that you are probably forgetting if you’re not using it….

Go inside your website folder website

Create a .htaccess file with the below content

AuthUserFile /var/www/website/.htpasswd
AuthGroupFile /dev/null
AuthName "Work forms"
AuthType Basic
require valid-user

Make sure the permissions are set correctly:

chmod ugo+r .htaccess

Then, create the user and the password:

htpasswd -c /var/www/website/.htpasswd your_user

Please note that the -c is to “create” the file. If you want to add other users, just remember to remove that flag or the file will be overwritten

In the VirtualServer section, make sure to have this:

<Directory "/var/www/<website>">
AllowOverride AuthConfig
</Directory>

Restart apache and… it should work ūüėõ