Start on Nebula.despro.lan. We need to repeat this procedure on Orion.despro.lan.
On Nebula.despro.lan
Let's move over to the special .ssh directory
root@nebula:~# cd ~
root@nebula:~# cd .ssh/
root@nebula:~/.ssh# ls -1
known_hosts
root@nebula:~# touch authorized_keys
Next generate a SSH keypair: ssh-keygen -b 4096 -N '' -t rsa -f id_rsa
root@nebula:~# ssh-keygen -b 4096 -N '' -t rsa -f id_rsaGenerating public/private rsa key pair.Your identification has been saved in id_rsa.Your public key has been saved in id_rsa.pub.The key fingerprint is:90:74:ae:c9:24:7f:4c:46:3f:08:77:54:1b:23:d9:fb root@Nebula
root@nebula:~/.ssh# ls -1
authorized_keys
id_rsa ? private key
id_rsa.pub ? public key
known_hosts
ssh-keygen -b 4096 -N '' -t rsa -f id_rsa This command generates a new long keyfile with NO passphrase, filetype RSA and filename id_rsa. This will take a couple of minutes, so please be patient with your computer, it's a slow little computer you know. When done you should have two new files called id_rsa and id_rsa.pub. This is a SSH keypair, both a public key and a private key. So now we copy over the public keyfile from the Nebula.despro.lan to Orion.despro.lan.
Execute the next four commands.
ssh root@Orion.despro.lan 'mkdir .ssh'cat ~/.ssh/id_rsa.pub | ssh root@Orion.despro.lan 'cat >> .ssh/authorized_keys'ssh root@Orion.despro.lan 'chmod -R go-rwx .ssh'ssh root@Orion.despro.lan 'chmod go-rwx ~'
Or Copy id_rsa.pub from Nebula.despro.lan (ssh Client) to Orion.despro.lan (ssh Server) using rsync, scp or ssh-copy-id.
for Rsync
root@nebula:~/.ssh# rsync -i id_rsa.pub root@orion.despro.lan:/tmproot@nebula:~/.ssh# ssh root@orion.despro.lanroot@orion.despro.lan's password: *****Now You are inside Orion.despro.lan
root@orion:~/.ssh# cat /tmp/id_rsa.pub >> /root/.ssh/authorized_keysfor ssh-copy-id
root@nebula:~/.ssh# ssh-copy-id -i ~/.ssh/id_rsa.pub orion.despro.lan
root@orion.despro.lan's password: *****
Now try logging into the machine, with "ssh 'orion.despro.lan'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting. And ssh-copy-id will copy your public key into the authorized_keys file of your user on that remote system. From now on when you ssh to that system, you won’t need to enter a password.
Final Step
root@Orion:~/ chmod -R go-rwx .ssh
root@Orion:~/ chmod go-rwx ~
Now trying to ssh to the Orion.despro.lan, you should now login to Orion.despro.lan without password.
Now go back to the beginning, log on to Orion.despro.lan and repeat this procedure of generating keys and copying the public key over to Nebula.despro.lan. When you have keys generated on both boxes, and copied over the public key into the authorized_keys. Now you should be able to log on using ssh without the need to enter a password, instead the private key is used to authenticate the session.
Rsync via ssh-automatic-logon
and type in remoteuser@remotehost's password when prompted. I do need to make sure that remoteuser has read permissions to /remote/dir/ on remotehost, and that thisuser has write permissions to /this/dir/ on thishost. Also, 'rsync' and 'ssh' should be in this user's path (use "which ssh" and "which rsync"), 'rsync' should be in remoteuser's path, and 'sshd' should be running on remotehost.
$ rsync -avz -e ssh remoteuser@remotehost:/remote/dir /this/dir/Done
Referensi : Referensi 01
No comments:
Post a Comment