Syed Jahanzaib Personal Blog to Share Knowledge !

November 25, 2011

Howto Login on Remote Mikrotik & Linux without PASSWORD to execute commands using DSA key

~ Article by Syed Jahanzaib ~

By Following this guide , You will be able to Execute Scripts from a Remote Linux machine to Mikrotik RouterOS [OR Linux] without requiring password.


Login From Linux to Mikrotik to execute commands via ssh without Password !!!

[STEP # 1]

First you need to generate public dsa key on your linux bx {which you will upload to mikrotik in later stage}.
At your Linux box, issue the following command.

ssh-keygen -t dsa

This will create a DSA key pair that is compatible with Mikrotik/Linux

 ssh-keygen -t dsa

It will ask you few questions, just press enter , as showed below…

root@zaib-desktop:~# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/
The key fingerprint is:
ed:da:88:da:d1:b1:f0:b5:f2:39:04:85:9d:d0:19:f1 root@zaib-desktop
The key's randomart image is:
+--[ DSA 1024]----+
|        .=o=     |
|        . *.     |
|         .  E    |
|        ..       |
|      . S.o      |
|       + =..     |
|      . =.o      |
|     . o *..     |
|    ..o o +.     |

Note: Make sure to leave the passphrase blank if you are going to be using this key in automated scripts. You do not want to be prompted for a password. zaib


[STEP # 2]
Now the key have been generated, It’s time to upload it to MIKROTIK using FTP. Make sure FTP service is enabled on mikrotik. Upload this key via ftp using below commands.

root@zaib-desktop:~# cd /root/.ssh/
root@zaib-desktop:~/.ssh# ftp
Connected to

220 MikroTik FTP server (MikroTik 3.3) ready
Name ( admin
331 Password required for admin
230 User admin logged in
Remote system type is UNIX.

ftp> put
local: remote:
200 PORT command successful
150 Opening ASCII mode data connection for '/'
226 ASCII transfer complete
608 bytes sent in 0.00 secs (2207.2 kB/s)

ftp> exit
221 Closing


Now login to Mikrotik via Winbox, and open Terminal , you need to import the key. to import key, use the below command.

user ssh-keys import
user: admin

The user field above determines which user account will be logged in when you pass the key, In this example , I am using default admin id.

All Done. You’ve created a key pair and imported the public key into Mikrotik ,

Now you can start running commands from your remote machine without using the password.

Some examples are below, from your Linux box, try the following . . .

(For the first time Login, It will ask you “Are you sure you want to continue connecting (yes/no)?” Type yes to continue)

ssh admin@  /system resource print
The authenticity of host ' (' can't be established.
DSA key fingerprint is 5f:d5:ee:51:8b:1c:c3:df:4d:3c:29:d8:af:48:35:a5.
Are you sure you want to continue connecting (yes/no)? yes

Again try to execute command and this time it will execute smoothly without asking any thing.

root@zaib-desktop:~# ssh admin@  /system resource print
uptime: 40m37s
version: "3.3"
free-memory: 40512kB
total-memory: 62276kB
cpu: "Intel(R)"
cpu-count: 1
cpu-frequency: 3200MHz
cpu-load: 1
free-hdd-space: 956832kB
total-hdd-space: 1021408kB
write-sect-since-reboot: 2373
write-sect-total: 2373


You can do so many interesting things using this method, you can link scripts with php or webmin and control your mikrotik / linux box with webmin as Frontend.


Login From Linux to Linux to execute commands via ssh without Password !!!


Suppose, We want to login from ADMIN PC to REMOTE SERVER without password , or we want to execute command from ADMIN PC to REMOTE SERVER.

[STEP # 1]

You have to first generate DSA public key on ADMIN PC.
You can create it by following [STEP # 1]  in Scenario # 1 of this post.
If you have already generated it, then skip this Step#1

[STEP # 2]

From Admin PC , issue the following command to upload to Remote Server.

scp root@

[It will ask Remote Server Password, type password and hit enter.

Now try to Login to REMOTE SERVER using following command


root@zaib-desktop:~/.ssh# ssh
Linux test2-proxy 2.6.31-14-generic #48-Ubuntu SMP Fri Oct 16 14:04:26 UTC 2009 i686

To access official Ubuntu documentation, please visit:

353 packages can be updated.
202 updates are security updates.

Last login: Fri Nov 25 03:01:45 2011 from

SUCCESS ! You are now able to Login to remote server without password.

You can Execute any command on remote server from admin pc, For example, you can shutdown / restart or whatever you like . . .

root@zaib-desktop:~/.ssh# ssh df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda1             3.8G  2.1G  1.5G  59% /
udev                  186M  224K  186M   1% /dev
none                  186M  164K  186M   1% /dev/shm
none                  186M   88K  186M   1% /var/run
none                  186M     0  186M   0% /var/lock
none                  186M     0  186M   0% /lib/init/rw

%d bloggers like this: