Join Log in
Score:0
Saeed Neamati avatar Ubuntu

Can I know a key is copied to the server before it asks me for a password?

cn flag
Saeed Neamati

To login without password, I use ssh-copy-id I ~/.ssh/key_name root@server_ip.

If I don't copy my public key, then each time I use ssh root@server_ip I would be asked for my password.

Now I want to create an automated script for checking the installation of Ubuntu instances of our colleagues.

I want to know whether they have configured their Ubuntu correctly or not.

One item I should check is to see if they have copied their public keys to our server, so that they can connect without password.

How can I know it? Is there a way for me to know it?

100
2 + 2
ssh
Saeed Neamati avatar
cn flag
Saeed Neamati
@user68186, we're using Ubuntu 22.04 for clients, and Debian bullseye 11 for our servers.
0
Reply
ar flag
user68186
I tried the answer by @pLumo. It works for me.
0
Reply
Score:1
pLumo avatar Ubuntu
in flag
pLumo

Just try ...

if ssh -o IdentitiesOnly=yes -o BatchMode=yes -i ~/.ssh/key_name -q user@host exit; then
    echo "Connection succesful"
else
    echo "Connection not succesful"
fi
  • -o IdentitiesOnly=yes means that, only the give key is checked
  • -o BatchMode=yes tells ssh not to fall back to a password prompt.
  • -q make ssh not output anything.
  • exit will let the connection quit immediately
+ 2
Saeed Neamati avatar
cn flag
Saeed Neamati
Thank you for this script. However, when I run it, it freezes in the first line.
0
Reply
Saeed Neamati avatar
cn flag
Saeed Neamati
@user68186, yep, I did not copy/paste blindly. I read and understood the code and replaced the parameters.
0
Reply
Score:0
aiziyou avatar Ubuntu
ug flag
aiziyou

This answer is not a script. I hope this answer can gave you more ideas about your issue.

There are 3 ways to check this issue.

  1. There will be a connection established for each user if they can log in. You can use netstat -anpl|grep 22 to check the connections.

  2. You can also use command last to check the users whoever logged in in the past. If there is entry for that user, that means they can log in with the key without problem.

  3. There is a file named authorized_keys under .ssh directory. It is under each user's home directory on server side.

    The SSH authorized_keys file is a file that contains a list of public keys that are authorized to log in to the server.

    This file is used to prevent unauthorized users from connecting to the SSH server. SSH daemon on the server side checks whether the SSH key is correct or not by calculating the SSH key fingerprint.

    If the SSH key is correct, it allows the user to log in without asking username or password. So for your question, you can check this file to see if they copied their public key to this server.

+ 2
Saeed Neamati avatar
cn flag
Saeed Neamati
Thank you. But my question is about client machines, not the server itself. I want to know whether a client machine has already copied its id to the server or not, without considering server.
0
Reply
aiziyou avatar
ug flag
aiziyou
It is hard to check that on client side. You can add an echo "ssh-copy-id ~/.ssh/key_name root@server_ip" in your script to ask the users to copy public key manually to the remote server If the passwordless login doesn't work for that user.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.