SSH in BatchMode
Manuel Arostegui Ramirez
manuel at todo-linux.com
Tue May 23 10:38:26 UTC 2006
El Martes 23 Mayo 2006 12:34, Vikas Rawat escribió:
> Thanks guys for the overwhelming response. Finally I got it working. For
> the interested people, the issue was with the ownership of the home
> directory for the root account. See below
>
> - EARLIER was
> drwx------ 9 vikas.rawat coe 4096 May 23 14:59 coe
>
> - MODIFIED to
> drwx------ 9 root coe 4096 May 23 15:00 coe
>
> This works.
>
> Regards,
> Vikas
That's very common slip-up
Finally you got it, congratulations :-)
Manuel.
>
> Here is a clearly defined process from one of my colleagues (Prashant
> Lal) for doing the same.
> ------------------------------------------------------------------------
> ----------------------
>
> Host machine: rhythm
> Remote machine: blrqmail
>
> 1. Generate key on host machine. This is for the user id 'lalp', change
> to the uid you want to create a key for
>
> [lalp at rhythm .ssh]$ ssh-keygen -d
> Generating public/private dsa key pair.
> Enter file in which to save the key (/home/lalp/.ssh/id_dsa): "press
> ENTER here"
> Enter passphrase (empty for no passphrase):
> "press ENTER here"
> Enter same passphrase again:
> "press ENTER here"
> Your identification has been saved in /home/lalp/.ssh/id_dsa.
> Your public key has been saved in /home/lalp/.ssh/id_dsa.pub.
> The key fingerprint is:
> 2d:c3:13:b8:38:65:dc:f7:cd:a3:d5:80:4e:32:54:93 lalp at rhythm
>
> Now your keys are generated. We have not given any passphrase instead we
> have pressed the enter because to perform the automated scripted
> operations on the remote machine.
>
>
> 2. Copy the id_dsa.pub file as authorized_keys from the host machine to
> remote machine (into the home folder of the uid i.e.
> <blrqmail>/home/lalp in this case)
>
> [lalp at rhythm .ssh]$ scp /home/lalp/.ssh/id_dsa.pub
> lalp at blrqmail:/home/lalp/.ssh/authorized_keys
>
> CAUTION: This would overwrite your existing file. If you want to add to
> your file, copy to some other location and append to this. Try this on
> the host machine [lalp at rhythm .ssh]$ scp /home/lalp/.ssh/id_dsa.pub
> lalp at blrqmail:/home/lalp/.ssh/lalp.rhythm.id_dsa.pub
> On the remote machine
> [lalp at blrqmail .ssh]$ cat lalp.rhythm.id_dsa.pub >> authorized_keys
>
> Note: If you are logging into the remote machine for the first time
> using SSH, you will be asked to save the remote machine's certificate.
> Please accept and save it.
>
> 3. Now check the permision on the remote machine for .ssh and
> authorized_keys
>
> [lalp at blrqmail lalp]$ chmod -R 600 /home/lalp/.ssh [lalp at blrqmail .ssh]$
> ls -lrt total 8
> -rw-r--r-- 1 lalp lalp 601 May 23 14:29 authorized_keys
>
> [lalp at blrqmail .ssh]$ ls -la ../ |grep .ssh
> drwx------ 2 lalp lalp 4096 May 23 14:30 .ssh
> [lalp at blrqmail .ssh]$
>
> 4. Log in from the host machine to remote machine
>
> [lalp at rhythm .ssh]$ ssh blrqmail
> [lalp at blrqmail lalp]$
>
> You should be logged in straightaway with out any password.
>
>
> -----Original Message-----
> From: Stephen Berg [mailto:sberg at mississippi.com]
> Sent: Tuesday, May 23, 2006 3:56 PM
> To: General Red Hat Linux discussion list
> Subject: Re: SSH in BatchMode
>
> Vikas Rawat wrote:
> >>3. We have also changed the file/directory permission for ~/.ssh &
> >>~/.ssh/authorized_key to be read-write for user only by executing
> >>
> >>>chmod -R 600 .ssh
>
> Did you modify /etc/sshd_config to use the ~/.ssh/authorized_keys file?
> Also notice that it should be "keys" not "key". And by default
> sshd_config won't read that file to check for public keys.
> --
> Stephen Berg
> //- Linux/UNIX SysAdmin -/- Fixer of that which is broke -//
> //- Home = sberg at mississippi.com -//
> //- Work = stephen.berg at noaa.gov -//
> //- http://iceberg.3c0x1.com/ -/- http://www.3c0x1.com -//
> Sinners can repent, but stupid is forever.
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
--
Manuel Arostegui Ramirez #Linux Registered User 295750
Socio de Hispalinux 1813
Red Hat Linux 9, Kernel 2.6.2 ReiserFS
Firma cifrada
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE+3O1MqfmPcHTj+twRAm
yDAJ9P6ezepIMg06vOet/YPKxVoB+Z/ACfWVhh
---END PGP SIGNATURE-----
More information about the redhat-list
mailing list