"; */ ?>

sysadmin


22
Mar 09

VNC Into Remote Server Without Typing a Password

vnc without typing a password

I have a simple setup where one of my Ubuntu boxes is hooked up to the old Mitsubishi 50” TV via s-video. The box is hidden behind the TV, and is, of course, online. It has Mythbuntu installed, and functions as a full blown multi media center.

Besides all other goodies that are installed on the box, I recently installed rtGui (A web based front-end for rTorrent) on it. Hence anywhere I go, I can connect to it over the web, and throw a torrent link that will start the download right away – convenient. ( here is how to “install rtGui on Ubuntu” )

Currently, I control my media box the most straightforward way – from my laptop. There are many other options available: Gyration Remote (In-air cursor control using Patented Gyroscopic Motion-Sensing technology – 2.4GHz RF technology for up to 100 ft), mini wireless keyboard, and many others, but I don’t mind a semi-manual way to control the box by using my laptop. There is one little problem though – every time I am VNCing to the box, I have to enter a password – not convenient…

First thing I tried to find a “no typing password” solution was:

$ vncviewer remotehost.com -p dummypasswd
VNC server supports protocol version 3.8 (viewer 3.3)
Cannot read valid password from file "dummypasswd"

Here I just wanted to see what the error message would pop up, to get more clues on where to look. Now I’ve got the clue: “there should be a valid password file”. Next thing to do is to read about “vncviewer”:

$ man vncviewer
 
       -passwd passwd-file
              File from which to get the password (as generated by the vncpasswd(1) program).

Excellent – now it is official, just need to use “vncpasswd”:

$ vncpasswd
The program 'vncpasswd' can be found in the following packages:
 * tightvncserver
 * vnc4-common
Try: sudo apt-get install
<selected package>
bash: vncpasswd: command not found

Seems like its not installed, which is an easy problem to solve…

Step 1. Install “tightvncserver”.

$ sudo apt-get install tightvncserver

Check that “vncpasswd” is installed:

$ vnc [TAB][TAB]
vncconnect  vncpasswd   vncserver   vncviewer

Step 2. Create a vnc password file with “vncpassword”.

$ vncpasswd
Using password file /home/user/.vnc/passwd
VNC directory /home/user/.vnc does not exist, creating.
Password: [TYPE YOUR VNC PASSWORD HERE]
Verify: [TYPE YOUR VNC PASSWORD HERE]
Would you like to enter a view-only password (y/n)? n

Step 3. VNC into the remote system without typing the password.

$ vncviewer remotehost.com -p /home/user/.vnc/passwd

As you see the only thing I need to provide now is the password file – no need to type the password every time I need to watch a movie. And to make it even more convenient, I can now create a launcher that will launch “vncviewer remotehost.com -p /home/user/.vnc/passwd” on a simple mouse click:

media center launcher

Want to do something else simple and convenient? Try to “run commands remotely via SSH with no password“.

VNC away!


10
Mar 09

Run Commands Remotely via SSH with No Password

Run Commands Remotely via SSH with No Password

Extremely useful for system administrators, very useful for application developers when testing with remote services, or how some buzz developers refer to it: Service Oriented Architecture (SOA). Also remote execution is widely used by web masters to sync/backup/create mirrors.

Below 5 simple steps will enable you to run any commands on the remote box/host/server via SSH without a need to provide a password. That is usually useful, if such remote calls need to be automated (work without manual/human intervention).

Step number 6 has an example on how to actually run a command on remote host via SSH.

from the local host

Step 1. Create a public/private keys with “ssh-keygen” (ENTER through everything):

      user@host:~/.ssh$ ssh-keygen -t rsa
 
      Generating public/private rsa key pair.
 
      Enter file in which to save the key (/home/toly/.ssh/id_rsa): 		[ENTER]
      Enter passphrase (empty for no passphrase): 				[ENTER]
      Enter same passphrase again: 							[ENTER]
 
      Your identification has been saved in /home/user/.ssh/id_rsa.
      Your public key has been saved in /home/user/.ssh/id_rsa.pub.
      The key fingerprint is:
      66:fd:11:ca:2d:21:b9:73:c1:b6:fa:1d:b2:2c:71:cd user@host
 
      The key's randomart image is:
      +--[ RSA 2048]----+
      |                         |
      |           .             |
      |          . o           |
      |         o + o         |
      |        E S.o o       |
      |       o. .+.o .       |
      |       . +o o.         |
      |        +. o...        |
      |       ... ..=.         |
      +-----------------+

At this point the public and private keys should be created and saved into “~/.ssh” directory:

      user@host:~/.ssh$ ls -l
      total 20
      -rw------- 1 user group 1675 2009-03-10 14:18 id_rsa
      -rw-r--r-- 1 user group 392 2009-03-10 14:18 id_rsa.pub
      -rw-r--r-- 1 user group 8642 2009-03-10 12:10 known_hosts

Step 2. Add identity to the local ssh authorizer with “ssh-add”.

If you “entered” through the “Enter file in which to save the key (/home/toly/.ssh/id_rsa)” in the previous step, then your identity file should be “id_rsa”:

      user@host:~/.ssh$ ssh-add id_rsa

Otherwise replace “id_rsa” with the file you chose to save your identity in.

In case of a friendly “Could not open a connection to your authentication agent.” error message, start “ssh-agent” as:

eval `ssh-agent`

and re-run “ssh-add”.

Step 3. Copy the public key to the remote host ( server ) under “~/.ssh”:

From the step above “id_rsa.pub” would be the public key that needs to be copied to the remote system you would like to run commands on.

      user@host:~/.ssh$ scp id_rsa.pub remoteuser@remotehost.com:~/.ssh/

from the remote host

Step 4. On remote host add this public key to “authorized_keys”:

      remoteuser@remotehost:~$ cd ~/.ssh
      remoteuser@remotehost:~/.ssh~$ cat id_rsa.pub >> authorized_keys

Step 5. Change “authorized_keys” permissions to allow only you to read/write it:

      remoteuser@remotehost:~/.ssh$ chmod 600 authorized_keys

from the local host

Step 6. Now you can run any command on the remote box from the local box with no password:

Let’s see what that remote box is running at:

       user@host:~$ ssh remoteuser@remotehost.com  uname -a
 
       Linux remotehost 2.6.27-01-generic #1 SMP Thu Mar 21 10:34:21 UTC 2009 i686 GNU/Linux

By runing “ssh remoteuser@remotehost.com uname -a” from the local box, you just ran “uname -a” command on the remote box without a need to enter the password.

Good Luck Remoting!