Easy Password-less SSH logins on Linux

ssh-copy-idI’m storing this as an aide memoire, really, but it may help you too.

Let’s say we have two systems, System_From and System_To. And two users, User_From and User_To. The objective is: log on to System_To as User_To, from System_From as User_From.

The steps

1. One-time key generation for User_From

On System_From, while logged on as User_From, proceed as follows:

User_From@System_From:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/User_From/.ssh/id_rsa):[hit enter]
Enter passphrase (empty for no passphrase):[hit enter]
Enter same passphrase again:[hit enter]
Your identification has been saved in /home/User_From/.ssh/id_rsa.
Your public key has been saved in /home/User_From/.ssh/id_rsa.pub.
The key fingerprint is:
be:e8:98:4a:26:1e:9b:ed:78:a7:e7:fe:d8:9d:3c:6d User_From@System_From
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|  E              |
|                 |
|               Q |
|        S        |
|       .         |
|oo      o     o  |
|+.Bo8ooo.E       |
| BOB++o++        |
+-----------------+

Note: if you use anything other than an empty passphrase, you will need to enter the passphrase each time you log on, which sort of defeats the object of this exercise!

This creates two files: id_rsa and id_rsa.pub. The private key, id_rsa, must always be kept secret. Your system should have marked it read/write for the owner only. The public key, id_rsa.pub is safe to copy to destination systems (see next section).

2. Copy the public key to System_To

OpenSSH comes with a handy script for copying the public key to the remote host (System_To, in this instance): ssh-copy-id. Use it like this, at the system you’re connecting from:

User_From@System_from:~$ ssh-copy-id -i ~/.ssh/id_rsa.pub User_To@System_To
User_To@System_To's password:[type User_To's password and hit enter]
Now try logging into the machine, with "ssh 'User_To@System_To'", and check in:

  ~/.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

If you’re connecting to SSH on a custom port, the command is thus:

ssh-copy-id -i ~/.ssh/id_rsa.pub "User_To@System_To -p custom#"

Repeat this step for all remote hosts to which you intend to connect.

3. Log in to System_To

Now, when you issue the command ssh System_To, you will be logged in straight away, with no password prompt.

SOLVED: “Access is denied, unable to remove” when deleting printer

It’s amazing to see that many years after I first wrote this post, visitors are still finding it useful!

If you really want to understand what’s going on under the hood, the Windows Internals books are the place to start. In the interests of transparency: this is an affiliate link. See my affiliate disclosure page for an explanation.

Many organisations push out printer installations via Active Directory. If you want to tidy up those printers (removing ones you don’t use) you may find Windows 7 doesn’t let you delete them, even though you may be a local administrator and even if you use an elevated Explorer session:

Access denied error

Use the following steps to resolve this annoyance.

From an elevated command prompt:

C:\Windows\system32>net stop spooler
The Print Spooler service is stopping.
The Print Spooler service was stopped successfully.

Then fire up regedit. Navigate to Computer\HKEY_CURRENT_USER\Printers\Connections and delete the offending printer:

printers regedit

Finally, restart the print spooler:

C:\Windows\system32>net start spooler
The Print Spooler service is starting.
The Print Spooler service was started successfully.