CentOS 7 sshd server to server with no password using trusted keys
I have two servers of 192.168.10.28 and 192.168.10.100. On 192.168.10.28 as root:
# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
a3:ba:98:53:bc:8c:c9:b3:d8:3f:73:e2:61:a6:41:f7 root@rhtest.whittenberg.local
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| |
| |
| ... S |
| . .o. . . |
| ..=+.E |
| o*B*o. |
|. **=* |
+-----------------+
# ssh-copy-id root@192.168.10.100
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.10.100's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.10.100'"
and check to make sure that only the key(s) you wanted were added.
# ssh root@192.168.10.100
Last login: Tue Oct 25 20:09:25 2016 from 192.168.10.28
Now do the same on 192.168.10.100 using the ssh-copy-id command to host 192.168.10.28 like the following:
# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
a3:ba:98:53:bc:8c:c9:b3:d8:3f:73:e2:61:a6:41:f7 root@rhtest.whittenberg.local
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| |
| |
| ... S |
| . .o. . . |
| ..=+.E |
| o*B*o. |
|. **=* |
+-----------------+
# ssh-copy-id root@192.168.10.28
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.10.100's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.10.28'"
and check to make sure that only the key(s) you wanted were added.
# ssh root@192.168.10.28
Last login: Tue Oct 25 20:09:25 2016 from 192.168.10.100
There you go. You you no longer need password to use the sshd protocol between your two servers. Try this on either server access the other. I will be on the .28 accessing the .100:
# sftp root@192.168.10.100
Connected to 192.168.10.100.
sftp> ls
anaconda-ks.cfg btrfs-progs dead.letter dump
fio-2.0.9.tar.gz go.sh idle3-tools-0.9.1 idle3-tools-0.9.1.tar
linux-4.7.tar.xz list master.zip mylog.txt
phoronix-test-suite phoronix-test-suite-6.4.0.tar scrub.log sipp-3.5.1
sipp-3.5.1.tar.gz test.sh trantest wd5741x64
zfsstress-master
sftp>
Yup. No password needed. Enjoy!
No comments:
Post a Comment