password


How to instruct SSH to use only my password and ignore my (RSA) key

Recently, we wanted to connect to a machine via SSH without using the default RSA key that was available in the client’s profile (~/.ssh/id_rsa).

We needed to avoid using the public key authentication method for two reasons:

  1. The client did not want to share the passphrase with us
  2. We did not want to move the key, not even temporarily

So, to connect via SSH while ignoring the key completely, we used the following command:

ssh -o PreferredAuthentications=keyboard-interactive,password -o PubkeyAuthentication=no user@server;

Explanation of parameters:

  • -o gives options in the format used in the configuration file (/etc/ssh/ssh_config). It is useful for specifying options for which there is no separate command-line flag available.
  • -o PreferredAuthentications can be used to change the default order of authentication and bypass the GSSAPI-based authentication, the host-based authentication, the public key authentication and the challenge-response authentication.
    -o PreferredAuthentications=keyboard-interactive,password instructs the client to authenticate through the keyboard-interactive method and, if that method is not available, to use the password method.
    The keyboard-interactive authentication method is a request for all the different pieces of information needed for the authentication. The server can specify which inputs need to be hidden when the user types them and which do not.
    The password authentication method is a request for a single password. No configuration is sent by the server, so the client decides how to format the prompt.
  • -o PubkeyAuthentication=no specifies whether to try public key authentication. Setting the value to no disables it.

Generate Random Password

date +%s | sha256sum | base64 | head -c 32 ; echo

date +%s : will print the system date and time in seconds since 1970-01-01 00:00:00 UTC

sha256sum : will compute the SHA256 message digest of the time in seconds we produced before

base64 : will encode the previous data and print it to standard output

head -c 32 : will print the first 32 characters of the previous data

; echo : is used to create a new line at the end of the results
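
The only input to the pipeline above is the current time in seconds, so its output is fully determined by the second in which it ran. The following added example (not part of the original post) shows that determinism next to a replacement that reads from /dev/urandom; the function names and the timestamp 1700000000 are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample values are constructed.

# The page's pipeline, with the timestamp passed as an argument instead of
# being read from `date +%s`, so that its determinism can be observed.
time_based_password() {
    printf '%s\n' "$1" | sha256sum | base64 | head -c 32
}

# Replacement: take the randomness from the kernel CSPRNG.
# Reads 2*len random bytes, base64-encodes them, keeps only letters and
# digits (this also drops '+', '/', '=' and newlines), then truncates.
# Each kept character is uniform over 62 symbols, so 32 characters carry
# about 190 bits of entropy.
random_password() {
    len="${1:-32}"
    head -c "$((len * 2))" /dev/urandom | base64 | tr -dc 'A-Za-z0-9' | head -c "$len"
}

echo "time-based, same second, two runs (identical output):"
time_based_password 1700000000; echo
time_based_password 1700000000; echo

echo "urandom-based, two runs (different output):"
random_password 32; echo
random_password 32; echo
```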


Connect with ssh without using a password / without login procedure / with passwordless login / with no authentication

From your machine, issue the following commands to let the server know of your information and allow you to log in without going through the interactive authentication phase.

ssh-keygen -t rsa
ssh-copy-id -i ~/.ssh/id_rsa.pub useraccount@boxname

*NOTE: This method does not allow connecting the other way around without credentials. You need to repeat this from the other machine as well to make it two-way.