Tagged: ssh-keys

Save password for key login and no need to type again in Mac

Problem: When I try to establish an SSH connection with key, there are always have prompts for a password. And I don’t want to type the password on my personal PC again.

You can search how to save the password for key via ssh-agent

Solution: below the solution for macOS only. Enter below command:

ssh-add -K ~/.ssh/[your-private-key]

Then enter the password for the key file, so you won’t be asked for the password again.

Sublime SFTP failure while using Google Authenticator and Key file as two-factor authentication in CentOS 7

Problem: After applying Key file (ref here, using ssh-keygen ), and Google Authenticator (ref here, using yum install google-authenticator ) in CentOS 7, both SSH and FTP via FileZilla are both working ( FileZilla need to pass key file login, then switch login type to interactive in order to enter passphrase generated by Google Authenticator) but Sublime Text 3 can not upload file via SFTP. If the server just has a key file login, it will work.

According to this post, Sublime SFTP is waiting for the input prompt, and the prompt message has to be “Password: ” and show up.

Solution: Follow the below steps to turn on prompt and set it to “Password: ” :

1.Edit /etc/pam.d/sshd

vim /etc/pam.d/sshd

2. Append authtok_prompt to auth required pam_google_authenticator.so in order to override default token prompt :

auth required pam_google_authenticator.so [authtok_prompt=Password: ]

The value “Password: ” must not change to other values like “Passphrase: “, “Pass”. Otherwise Sublime can not recognize the prompt.

3. Enter systemctl restart sshd.service to restart service

systemctl restart sshd.service

Normally if you set the “user”, “password” and “ssh_key_file” value, in my case it will prompt a message like [email protected]_ip and asking your password. After entering your SSH password, it will prompt again with the same message, now please enter your Google Authenticator’s passphrase.

Enable SSH password authentication on AWS with CentOS 7

Problem: Want to login to CentOS 7 via username and password only, remove private key login.

Solution: First of all, follow this video instruction if you haven’t built the Amazon EC2 or able to connect server via private key yet.

Then inside the server terminal command line, edit /etc/ssh/sshd_config

Edit the line “PasswordAuthentication no” to (or if you can’t find the line, just add) “PasswordAuthentication yes

restart SSH service

systemctl restart sshd.service

Don’t forget to change the password for user. For the current user,

passwd

for root,

sudo passwd