SSH Keys

From KlavoWiki
Jump to navigationJump to search

With any SSH connection the user must be authenticated by ways of a password. SSH keys contain the IP of the machine, username and a public/private key which are used for the authentication of SSH connections.

Create SSH keys

To create the SSH keys you run this command on each node;

[root@localhost ~]# ssh-keygen -t rsa

The output will look like this;

Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
2b:7d:e0:7c:ca:7b:46:95:fd:94:9e:55:be:c5:8d:07 root@localhost

You do not want to enter a passphrase as you will be required to enter this for each SSH connection (defeating our purpose of no manual intervention).

Copy keys

On each node you must copy the /root/.ssh/id_rsa.pub to the other nodes but into the file /root/.ssh/authorized_keys'. For example;

[root@localhost ~]# scp /root/.ssh/id_rsa.pub root@otherhost:/root/.ssh/authorized_keys

This will over write authorized_keys if it exists so you may be better off copying it to a temporary file like temp_key and then adding it into authorized_keys