Requirement:
- openssh
- rsync
Create key pair in your host is straight forward:
$ ssh-keygenGenerating public/private rsa key pair.Enter file in which to save the key (/home/foo/.ssh/id_rsa):Created directory '/home/foo/.ssh'.Enter passphrase (empty for no passphrase):Enter same passphrase again:Your identification has been saved in /home/foo/.ssh/id_rsa.Your public key has been saved in /home/foo/.ssh/id_rsa.pub.The key fingerprint is:XXXXXX foo@SERVER_AThe key's randomart image is:....You have to copy foo's public key into remote site
Method 1: Manual copy public key to remote
on host
$ scp -P 22 ./.ssh/id_rsa.pub bar@SERVER_B:/home/bar/The authenticity of host '[SERVER_B]:22 ([SERVER_B]:22)' can't be established.ECDSA key fingerprint is XXXXXX.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added '[SERVER_B]:22' (ECDSA) to the list of known hosts.bar@SERVER_B's password:id_rsa.pub 100% 390 0.4KB/s 00:00on remote site
$ cat /home/bar/id_rsa.pub >> /home/bar/.ssh/authorized_keysMethod 2: Direct add public key to remote
$ ssh-copy-id -p 22 bar@SERVER_B/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysbar@SERVER_B's password:Number of key(s) added: 1Now try logging into the machine, with: "ssh -p '22' 'bar@SERVER_B'"and check to make sure that only the key(s) you wanted were added.Done, you can ssh using user bar @ SERVER_B without entering password (using your key), from foo @ SERVER_A.
No comments:
Post a Comment