How to enable ssh between 2 hosts and enable password less login.
1. First login to server1 as user aaron
login as: aaron
aaron@server1's password:
Last login: Fri Sep 10 15:19:14 2010 from 10.120.129.49
Sun Microsystems Inc. SunOS 5.8 Generic Patch December 2002
Welcome !! Aaron Schweitzer !!!
...............................
YOU ARE NOW LOGGED IN - Sat Sep 11 13:01:20 MEST 2010
server1:~ $
server1:~ $
server1:~ $cd .ssh
server1:~/.ssh $ls
known_hosts
2. Generate the ssh key with the ssh-keygen utility
server1:~/.ssh $ssh-keygen -t rsa -N ""
Generating public/private rsa key pair.
Enter file in which to save the key (/home/aaron/.ssh/id_rsa): Your identification has been saved in /home/aaron/.ssh/id_rsa.
Your public key has been saved in /home/aaron/.ssh/id_rsa.pub.
The key fingerprint is:
53:71:83:1c:4a:d7:95:72:a8:4f:19:74:62:70:42:9b aaron@server1
server1:~/.ssh $ls
id_rsa id_rsa.pub known_hosts //id_rsa.pub has public key that has to be shared with server2
server1:~/.ssh $cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtkZQVO6qNTfj+LrD03GdoDe2A+H9vkjW0ojK+BRcRYt9DYDvB1PD7CwFlmB+qHO4u1URLNzmoW7oL6XYsJcO0JiEE1mIq14LXS/Elap/es2RoN+qwezcwwZVzXz6C1gt1ds01aiBKXatZY5+ndIC4o+HHLCaWRqZ+JUttha0Iak= aaron@server1
//This key has to be copied to a file named authorized_keys in .ssh directory in the user's home directory
3. Login to server2 as the same user and generate the ssh as same as above
server1:~/.ssh $ssh server2
Password:
Last login: Sat Sep 11 13:08:23 2010 from server1.mobile.
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
Welcome !! Aaron Schweitzer !!!
...............................
YOU ARE NOW LOGGED IN - Saturday, September 11, 2010 1:08:23 PM MEST
server2:~ $
server2:~ $cd .ssh
server2:~/.ssh $ssh-keygen -t rsa -N ""
Generating public/private rsa key pair.
Enter file in which to save the key (/home/aaron/.ssh/id_rsa): y
Your identification has been saved in y.
Your public key has been saved in y.pub.
The key fingerprint is:
16:07:0b:e7:49:d0:49:89:fa:0e:e6:2e:4f:9e:b5:3d aaron@server2
server2:~/.ssh $cat y.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAuhSTr/UkTwOpsbjSzwHq89Zfd2fW/o45X/VH9QxFmWKMQpX3DAEQ0KeY1f+aM8NYNA675lNOtehXxahELSPy6DqRUbL5a9B2lIgHHhaG9dTxKRtwz4qxZYW6S7fT9HXPueHKQfyGjP0lqp2twFC7JOCH9wnOreDj9jPPjMI0hB8= aaron@server2
4. Copy the public key
id_rsa.pub(server1) and
y.pub(server2) and share paste it in file named
authorized_keys. ie, server1's public key should be in server2's authorized_key file and vise versa.
(Note in the below both keys are in same file because the home directory is shared from a fileserver)
server2:~/.ssh $vi authorized_keys
"authorized_keys" [New file]
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAtkZQVO6qNTfj+LrD03GdoDe2A+H9vkjW0ojK+BRcRYt9DYDvB1PD7CwFlmB+qHO4
u1URLNzmoW7oL6XYsJcO0JiEE1mIq14LXS/Elap/es2RoN+qwezcwwZVzXz6C1gt1ds01aiBKXatZY5+ndIC4o+HHLCaWRqZ+JUt
tha0Iak= aaron@server1
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAuhSTr/UkTwOpsbjSzwHq89Zfd2fW/o45X/VH9QxFmWKMQpX3DAEQ0KeY1f+aM8NY
NA675lNOtehXxahELSPy6DqRUbL5a9B2lIgHHhaG9dTxKRtwz4qxZYW6S7fT9HXPueHKQfyGjP0lqp2twFC7JOCH9wnOreDj9jPP
jMI0hB8= aaron@server2
5. Now the set up is complete. User aaron can use ssh to login from server1 to server2 and server2 to server1 without password.
server2:~/.ssh $ssh server1
The authenticity of host 'server1 (10.1.64.174)' can't be established.
RSA key fingerprint is c9:ae:b4:be:b7:f5:56:b1:e8:ef:18:31:97:d6:8c:05.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'server1,10.1.64.174' (RSA) to the list of known hosts.
Last login: Sat Sep 11 13:01:20 2010 from edmj625.nt.mobi
Sun Microsystems Inc. SunOS 5.8 Generic Patch December 2002
Welcome !! Aaron Schweitzer !!!
...............................
YOU ARE NOW LOGGED IN - Sat Sep 11 13:10:35 MEST 2010
server1:~ $ssh server2
Last login: Sat Sep 11 13:08:23 2010 from server1.mobile.
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
Welcome !! Aaron Schweitzer !!!
...............................
YOU ARE NOW LOGGED IN - Saturday, September 11, 2010 1:10:48 PM MEST
server2:~ $
No comments:
Post a Comment