
Revision 1 (Jeremias Keihsler, 04.07.2020 15:18) → Revision 2/3 (Jeremias Keihsler, 04.07.2020 15:18)

h1. Setup ssh-rsa-login 

h2. Requirements

 To install ssh you will need the following: 
 * an installed and supported operating system (e.g. Fedora32)
 * root-access 
 * a fast internet connection 

h2. Preliminary Note

 You want to use Linux and OpenSSH to automate your tasks. Therefore you need an automatic login from host A / user a to host B / user b. You don't want to enter any passwords, because you want to call ssh from within a shell script.
 This information was taken from  
 * *Mathias Kettner* @ http://linuxproblem.org/art_9.html 
 * https://wiki.archlinux.org/index.php/SSH_keys#Choosing_the_authentication_key_type 

h2. Setup

 First log in on A as user a and generate a pair of authentication keys. Do not enter a passphrase: 
 <pre><code class="bash"> 
 a@A:~> ssh-keygen -t ed25519 
 Generating public/private ed25519 key pair.
 Enter file in which to save the key (/home/a/.ssh/id_ed25519):  
 Created directory '/home/a/.ssh'. 
 Enter passphrase (empty for no passphrase):  
 Enter same passphrase again:  
 Your identification has been saved in /home/a/.ssh/id_ed25519. 
 Your public key has been saved in /home/a/.ssh/id_ed25519.pub. 
 The key fingerprint is: 
 SHA256:CFyCCOw2e1Rz11avE7iU8GQy2Kb4tqqPHwztbPHlCqM a@A
 </code></pre> 

 Now use ssh to create a directory ~/.ssh as user b on B. (The directory may already exist, which is fine): 

 <pre><code class="bash"> 
 a@A:~> ssh b@B mkdir -p .ssh 
 b@B's password:  
 </code></pre> 

 Finally append a's new public key to b@B:.ssh/authorized_keys and enter b's password one last time: 

 <pre><code class="bash"> 
 a@A:~> cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys' 
 b@B's password:  
 </code></pre> 

h2. Test

 From now on you can log into B as b from A as a without a password:

 <pre><code class="bash"> 
 a@A:~> ssh b@B hostname 
 B 
 </code></pre> 

h2. Troubleshooting

 If for any reason this is not working, the cause might be wrong permissions or a wrong SELinux context. Check with:

 <pre><code class="bash"> 
 ls -la ~/.ssh
 </code></pre> 
 The permissions in the output need to look like this:
 <pre><code class="bash"> 
 drwx------. 2 root root 4096 Aug    3 11:04 . 
 dr-xr-x---. 6 root root 4096 Aug    3 11:23 .. 
 -rw-r--r--. 1 root root    410 Aug    3 11:04 authorized_keys 
 -rw-------. 1 root root 1671 Aug    3 09:05 id_ed25519 
 -rw-r--r--. 1 root root    404 Aug    3 09:05 id_ed25519.pub 
 </code></pre> 
 To restore the SELinux context, run:
 <pre><code class="bash"> 
 restorecon -R -v ~/.ssh 
 </code></pre>
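
The permission check from the listing above, as a script. This is an added example, not part of the original wiki page: the function names @mode_of@, @flag_if_set@ and @check_ssh_perms@ are hypothetical, and it flags any mode looser than the listing shows (the kind of mode sshd's @StrictModes@ and the ssh client reject).

```shell
#!/bin/sh
# Added example: audit ~/.ssh against the modes in the Troubleshooting listing.
# All function names here are hypothetical helpers, not part of OpenSSH.

# Print the octal mode of a path (GNU stat first, BSD stat as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# flag_if_set PATH MASK FIX: complain if any permission bit in the octal
# MASK is set on PATH; FIX is the mode to suggest. Returns 1 when flagged.
flag_if_set() {
    m=$(mode_of "$1")
    if [ $(( 0$m & 0$2 )) -ne 0 ]; then
        echo "$1: mode $m is too open, try: chmod $3 $1"
        return 1
    fi
    return 0
}

# check_ssh_perms [DIR]: returns 0 if DIR (default ~/.ssh) is at least as
# strict as the listing, 1 otherwise. Run it as a on A and as b on B.
check_ssh_perms() {
    dir=${1:-"$HOME/.ssh"}
    [ -d "$dir" ] || { echo "$dir: not a directory"; return 1; }
    bad=0

    # drwx------ : nothing for group or others on the directory itself.
    flag_if_set "$dir" 077 700 || bad=1

    # -rw-r--r-- : authorized_keys may be readable, never group/other writable.
    if [ -f "$dir/authorized_keys" ]; then
        flag_if_set "$dir/authorized_keys" 022 644 || bad=1
    fi

    # -rw------- : private keys. With no passphrase set, the file mode is
    # the only thing protecting the key, so group/other get no bits at all.
    for key in "$dir"/id_*; do
        case $key in *.pub) continue ;; esac
        [ -f "$key" ] || continue
        flag_if_set "$key" 077 600 || bad=1
    done

    return "$bad"
}
```

After sourcing the file, call @check_ssh_perms@ with no argument to audit the current user's @~/.ssh@. It does not look at the SELinux context, so @restorecon@ is still needed for that case.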