Revision 3 (Jeremias Keihsler, 10.09.2020 14:39) → Revision 4/5 (Jeremias Keihsler, 10.09.2020 14:39)

h1. Setup ssh-rsa-login 

 h2. Requirements 

 To install ssh you will need the following: 
 * an installed and supported operating system (e.g. CentOS 8.x) 
 * root-access 
 * a fast internet connection 

 h2. Preliminary Note 

 You want to use Linux and OpenSSH to automate your tasks. Therefore you need an automatic login from host A / user a to host B / user b. You don't want to enter any passwords, because you want to call ssh from within a shell script. 
 This information was taken from *Mathias Kettner* @ http://linuxproblem.org/art_9.html 

 h2. Setup  

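 First log in on A as user a and generate a pair of authentication keys. Do not enter a passphrase, because the key has to be usable from a script without interaction; the private key is then stored unencrypted on A and is protected only by its file permissions: 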
 <pre><code class="shell"> 
 a@A:~> ssh-keygen -t ed25519 
 Generating public/private ed25519 key pair. 
 Enter file in which to save the key (/root/.ssh/id_ed25519):  
 Created directory '/root/.ssh'. 
 Enter passphrase (empty for no passphrase):  
 Enter same passphrase again:  
 Your identification has been saved in /root/.ssh/id_ed25519. 
 Your public key has been saved in /root/.ssh/id_ed25519.pub. 
 The key fingerprint is: 
 SHA256:cWzFIp9zUKCHz8tijMdZn7Nx07gS1nJKeSNnBP1vrFX a@A 
 The key's randomart image is: 
 +--[ED25519 256]--+ 
 |            o=o      | 
 |          .+..o      | 
 | E        +o =       | 
 |           B+        | 
 |          S O    + .E| 
 | e       + . .B X.+| 
 |        . B +o Xo==| 
 |         + o .-. ==| 
 |              o++oo| 
 +----[SHA256]-----+ 
 </code></pre> 

 Now use ssh to create a directory ~/.ssh as user b on B. (The directory may already exist, which is fine): 

 <pre><code class="bash"> 
 a@A:~> ssh b@B mkdir -p .ssh 
 b@B's password:  
 </code></pre> 

 Finally append a's new public key to b@B:.ssh/authorized_keys and enter b's password one last time: 

 <pre><code class="bash"> 
 a@A:~> cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys' 
 b@B's password:  
 </code></pre> 

 h2. Test  

 From now on you can log into B as b from A as a without a password: 

 <pre><code class="bash"> 
 a@A:~> ssh b@B hostname 
 B 
 </code></pre> 

 

 h2. Troubleshooting  

 If the login still asks for a password, the cause is usually wrong permissions on ~/.ssh or a wrong SELinux context. Set the directory permissions and list the directory: 

 <pre><code class="bash"> 
 chmod 700 ~/.ssh 
 ls -la ~/.ssh 
 </code></pre> 
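 The permissions in the listing need to look like this (the listing shows an RSA key pair; with the ed25519 key generated above the files are named id_ed25519 and id_ed25519.pub): 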
 <pre><code class="bash"> 
 drwx------. 2 root root 4096 Aug    3 11:04 . 
 dr-xr-x---. 6 root root 4096 Aug    3 11:23 .. 
 -rw-r--r--. 1 root root    410 Aug    3 11:04 authorized_keys 
 -rw-------. 1 root root 1671 Aug    3 09:05 id_rsa 
 -rw-r--r--. 1 root root    404 Aug    3 09:05 id_rsa.pub 
 </code></pre> 
 To restore the SELinux context, run: 
 <pre><code class="bash"> 
 restorecon -R -v ~/.ssh 
 </code></pre>
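
The permission rules behind the listing above, as an added example that is not part of the original wiki page: with its default StrictModes setting sshd ignores authorized_keys when ~/.ssh or the file is writable by group or others, and the ssh client refuses a private key that group or others can access. The function names mode_of and audit_ssh_dir are hypothetical, and GNU stat (as shipped with CentOS) is assumed.

```shell
#!/bin/sh
# Added example: audit the permissions that matter for key-based login.
# Assumptions: GNU stat; sshd runs with its default "StrictModes yes".
# Not covered here: sshd also checks the home directory and file ownership.

# mode_of PATH -> octal permission bits, e.g. 700
mode_of() { stat -c '%a' "$1"; }

# audit_ssh_dir DIR -> prints one line per problem,
# exit status is the number of problems found (0 = OK).
audit_ssh_dir() {
    asd_dir=$1
    asd_problems=0
    # Server side: ~/.ssh and authorized_keys must not be
    # writable by group or others (mode & 022).
    for asd_f in "$asd_dir" "$asd_dir/authorized_keys"; do
        [ -e "$asd_f" ] || continue
        asd_m=$(mode_of "$asd_f")
        if [ $(( 0$asd_m & 022 )) -ne 0 ]; then
            echo "group/world-writable: $asd_f ($asd_m)"
            asd_problems=$((asd_problems + 1))
        fi
    done
    # Client side: a private key must not be accessible
    # by group or others at all (mode & 077).
    for asd_f in "$asd_dir"/id_*; do
        [ -f "$asd_f" ] || continue
        case $asd_f in *.pub) continue ;; esac
        asd_m=$(mode_of "$asd_f")
        if [ $(( 0$asd_m & 077 )) -ne 0 ]; then
            echo "private key too open: $asd_f ($asd_m)"
            asd_problems=$((asd_problems + 1))
        fi
    done
    return "$asd_problems"
}

# Usage: sh audit_ssh.sh ~/.ssh   (does nothing when called without arguments)
if [ "$#" -gt 0 ]; then
    audit_ssh_dir "$1"
    exit $?
fi
```

Mode 644 on authorized_keys, as in the listing above, passes this check because only the write bits for group and others are tested.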