SSH Tutorial: Difference between revisions
| Line 27: | Line 27: | ||
cat ~/.ssh/id_rsa.pub | cat ~/.ssh/id_rsa.pub | ||
</source> | </source> | ||
It should output something like this: | |||
<source lang="text"> | |||
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArp8VPicZjSglhDI7NhzwdGH6/tHPPk1uKJ6fBCWSoCA/nVyuPvah2wdNKfHBmdG0iDUG49mSIAX71UdPZrLKuOjCks79bCdMSj+Zea5c61RMB0w2GuhY+wAKM+C+GjYvB6j+Ft2jRKw3YoVVmYBf/iW9oBuOH9dIBAIAfOpd3TrJJef+1JmkPVfU3dnn5K+ZfDZNv+7z2Fa2UznOXWkEN/tdqdXTp5X7UJH8gOVHQky5DPgtev7a0u+Emayd4UzHhgfY4pIfB3g46NpvN36GGwdIA3FdwlYUgmXqTpJnyPFlWpKPcnDTlrdcHhgoejvOe6M4HqykxoL49ok1QCEEkQ== digimer@lework | |||
</source> | |||
(Yes, that is my real public key... It won't do you much good though. ;) ). | |||
Copy the output and then ssh normally into the remote machine. | Copy the output and then ssh normally into the remote machine. | ||
Revision as of 18:34, 3 June 2010
Note: This needs work.
Password-less Inter-server Communication
This shows how to have the two servers accept each other's SSH keys without the need for passwords. This allows for, among other things, to shuffle data between two servers securely using 'rsync'.
Scope
This is meant to be a dead-simple example of how to create a shared key to avoid the need for passwords. Nothing more. In the same vein, it is expected that you understand the potential security implications of doing so.
What to do
On the source machine, as the user you will make the ssh call as, run:
ssh-keygen -t rsa
Accept the default value for the prompts.
You should now see two new files; '~/.ssh/id_rsa' and '~/.ssh/id_rsa.pub'. Open the public key file:
cat ~/.ssh/id_rsa.pub
It should output something like this:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArp8VPicZjSglhDI7NhzwdGH6/tHPPk1uKJ6fBCWSoCA/nVyuPvah2wdNKfHBmdG0iDUG49mSIAX71UdPZrLKuOjCks79bCdMSj+Zea5c61RMB0w2GuhY+wAKM+C+GjYvB6j+Ft2jRKw3YoVVmYBf/iW9oBuOH9dIBAIAfOpd3TrJJef+1JmkPVfU3dnn5K+ZfDZNv+7z2Fa2UznOXWkEN/tdqdXTp5X7UJH8gOVHQky5DPgtev7a0u+Emayd4UzHhgfY4pIfB3g46NpvN36GGwdIA3FdwlYUgmXqTpJnyPFlWpKPcnDTlrdcHhgoejvOe6M4HqykxoL49ok1QCEEkQ== digimer@lework
(Yes, that is my real public key... It won't do you much good though. ;) ).
Copy the output and then ssh normally into the remote machine.
ssh someuser@somehost
Once you've logged in with the password, create/edit the the ~/.ssh/authorized_keys file and paste the contents of your ~/.ssh/id_rsa.pub file on a new line. Save the file and then log out of the remote host.
Done. You should now be able to reconnect exactly as you did a moment ago, but this time you will not be prompted for a password.
A Note
Keys you generate will only work when connecting from the source computer as the user you created the key as. For example, if you create the key as root and then try to connect as someuser, the key will not be used. You would need to create another key as someuser.
Likewise, where you put the public key on the destination server will define which user you can connect as on the remote machine.
| Any questions, feedback, advice, complaints or meanderings are welcome. | |||
| Alteeve's Niche! | Enterprise Support: Alteeve Support |
Community Support | |
| © Alteeve's Niche! Inc. 1997-2024 | Anvil! "Intelligent Availability®" Platform | ||
| legal stuff: All info is provided "As-Is". Do not use anything here unless you are willing and able to take responsibility for your own actions. | |||