akohan
asked on
about .ssh in linux - urgent
Hi Admins
Assume there are two machines A (local with ip address a.b.c.d) and B (Remote with ip address e.f.g.h) in a LAN. What is the proper way to create .ssh/ directory on both machines?
As far as I know, when root runs (from A):
ssh e.f.g.h
the .ssh/ directory will be created under /root (if it doesn't exist). Now, I need to create a trusted host connection between A and B but the .ssh/ directory doesn't exist on Machine B. How can I create it on Machine B to be able to copy the rsa key file under /root/.ssh directory?
I will appreciate your advice.
thanks.
ssh username@machine.B 'mkdir .ssh; chmod 0700 .ssh'
first create a directory in B under root ".ssh"
chmod 700 /root/.ssh
chown root:root /root/.ssh
then from machine A
scp /root/.ssh/id_rsa.pub e.f.g.h:/root/.ssh/machineB.pub
this should ask you for the root password from machine B. supply it and copy the file. then in machine B
cd /root/.ssh
cat machineB.pub >> authorized_keys
restart sshd in machineB (in most cases it does not require a restart of this service).
voila, this enables a no password required connection from A to B. but the password would be prompted if you connect the reverse way. in which case, repeat the exercise the other way around.
i made a uniform mistake. it should be machineA.pub in both cases. as it was wrong in both places, it makes a double negative.
sorry about that. but still the above should work for you.
goutham
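An added example, not part of the thread or any poster's code: a shell function that does the machine B side of the steps above in one pass. It creates .ssh with mode 700, appends the public key to authorized_keys only if that exact line is not already there, and sets the file to 600. The name install_pubkey, the key-type pattern and the sample key are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. install_pubkey and the sample key
# are hypothetical; the key-type pattern covers common types only.

install_pubkey() {
    home_dir=$1
    pubkey_file=$2
    ssh_dir="$home_dir/.ssh"
    auth_file="$ssh_dir/authorized_keys"

    [ -r "$pubkey_file" ] || { echo "cannot read $pubkey_file" >&2; return 1; }
    # Catch the classic slip of copying id_rsa instead of id_rsa.pub.
    if grep -q 'PRIVATE KEY' "$pubkey_file"; then
        echo "refusing: $pubkey_file is a private key" >&2
        return 1
    fi
    key_line=$(grep -E '^(ssh-(rsa|ed25519)|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/=]+( .*)?$' \
        "$pubkey_file" | head -n 1)
    [ -n "$key_line" ] || { echo "no public key line in $pubkey_file" >&2; return 1; }

    (
        # umask 077: nothing created here is ever group/world accessible.
        umask 077
        mkdir -p "$ssh_dir" || exit 1
        chmod 700 "$ssh_dir" || exit 1
        touch "$auth_file" || exit 1
        # Append (never overwrite), and only if the exact line is absent.
        grep -qxF -- "$key_line" "$auth_file" ||
            printf '%s\n' "$key_line" >> "$auth_file"
        chmod 600 "$auth_file"
    )
}

# Demo in a scratch directory with a constructed (not real) key line.
demo_home=$(mktemp -d)
printf '%s\n' 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDconstructedExampleKey root@machineA' \
    > "$demo_home/machineA.pub"
install_pubkey "$demo_home" "$demo_home/machineA.pub"
install_pubkey "$demo_home" "$demo_home/machineA.pub"   # second run adds nothing
ls -ld "$demo_home/.ssh" "$demo_home/.ssh/authorized_keys"
```

The modes matter because sshd, with its default StrictModes yes, ignores authorized_keys when the file or its directory is writable by other users.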
The user creates his/her RSA key pair by running ssh-keygen(1). This stores
the private key in .ssh/identity and the public key in
.ssh/identity.pub in the user's home directory. The user should then
copy the identity.pub to .ssh/authorized_keys in his/her home
directory on the remote machine (the authorized_keys file corresponds
to the conventional .rhosts file, and has one key per line, though the
lines can be very long). After this, the user can log in without
giving the password.
ssh from A -> B :
ssh-keygen -t rsa1
Generating public/private rsa1 key pair.
Enter file in which to save the key (/export/home/$USER/.ssh/identity):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /export/home/$USER/.ssh/identity.
Your public key has been saved in /export/home/$USER/.ssh/identity.pub.
The key fingerprint is:
44:a3:ad:b9:59:53:97:22:34:54:12:9a:44:4e:48:bc $USER@sshgate1
then ....
scp .ssh/identity.pub B:/home/$USER/.ssh/authorized_keys
now you can use ssh and scp without password
on the remote machine create ".rhosts"
usage: machine username
it means that user "username" from machine "machine" can set up commands on this machine
(don't forget: chmod 600 to .rhosts and your home-path max 755)
try:
ssh mashine-B <<EOF
> ls
> pwd
> hostname
> EOF
regards,
a2h0mi