SSH in BatchMode
Vikas Rawat
vikas.rawat at tavant.com
Tue May 23 10:34:37 UTC 2006
Thanks guys for the overwhelming response. Finally I got it working. For
the interested people, the issue was with the ownership of the home
directory for the root account. See below
- EARLIER was
drwx------ 9 vikas.rawat coe 4096 May 23 14:59 coe
- MODIFIED to
drwx------ 9 root coe 4096 May 23 15:00 coe
This works.
Regards,
Vikas
Here is a clearly defined process from one of my colleagues (Prashant
Lal) for doing the same.
------------------------------------------------------------------------
----------------------
Host machine: rhythm
Remote machine: blrqmail
1. Generate key on host machine. This is for the user id 'lalp', change
to the uid you want to create a key for
[lalp at rhythm .ssh]$ ssh-keygen -d
Generating public/private dsa key pair.
Enter file in which to save the key (/home/lalp/.ssh/id_dsa): "press
ENTER here"
Enter passphrase (empty for no passphrase):
"press ENTER here"
Enter same passphrase again:
"press ENTER here"
Your identification has been saved in /home/lalp/.ssh/id_dsa.
Your public key has been saved in /home/lalp/.ssh/id_dsa.pub.
The key fingerprint is:
2d:c3:13:b8:38:65:dc:f7:cd:a3:d5:80:4e:32:54:93 lalp at rhythm
Now your keys are generated. We have not given any passphrase instead we
have pressed the enter because to perform the automated scripted
operations on the remote machine.
2. Copy the id_dsa.pub file as authorized_keys from the host machine to
remote machine (into the home folder of the uid i.e.
<blrqmail>/home/lalp in this case)
[lalp at rhythm .ssh]$ scp /home/lalp/.ssh/id_dsa.pub
lalp at blrqmail:/home/lalp/.ssh/authorized_keys
CAUTION: This would overwrite your existing file. If you want to add to
your file, copy to some other location and append to this. Try this on
the host machine [lalp at rhythm .ssh]$ scp /home/lalp/.ssh/id_dsa.pub
lalp at blrqmail:/home/lalp/.ssh/lalp.rhythm.id_dsa.pub
On the remote machine
[lalp at blrqmail .ssh]$ cat lalp.rhythm.id_dsa.pub >> authorized_keys
Note: If you are logging into the remote machine for the first time
using SSH, you will be asked to save the remote machine's certificate.
Please accept and save it.
3. Now check the permision on the remote machine for .ssh and
authorized_keys
[lalp at blrqmail lalp]$ chmod -R 600 /home/lalp/.ssh [lalp at blrqmail .ssh]$
ls -lrt total 8
-rw-r--r-- 1 lalp lalp 601 May 23 14:29 authorized_keys
[lalp at blrqmail .ssh]$ ls -la ../ |grep .ssh
drwx------ 2 lalp lalp 4096 May 23 14:30 .ssh
[lalp at blrqmail .ssh]$
4. Log in from the host machine to remote machine
[lalp at rhythm .ssh]$ ssh blrqmail
[lalp at blrqmail lalp]$
You should be logged in straightaway with out any password.
-----Original Message-----
From: Stephen Berg [mailto:sberg at mississippi.com]
Sent: Tuesday, May 23, 2006 3:56 PM
To: General Red Hat Linux discussion list
Subject: Re: SSH in BatchMode
Vikas Rawat wrote:
>>3. We have also changed the file/directory permission for ~/.ssh &
>>~/.ssh/authorized_key to be read-write for user only by executing
>>
>>>chmod -R 600 .ssh
Did you modify /etc/sshd_config to use the ~/.ssh/authorized_keys file?
Also notice that it should be "keys" not "key". And by default
sshd_config won't read that file to check for public keys.
--
Stephen Berg
//- Linux/UNIX SysAdmin -/- Fixer of that which is broke -//
//- Home = sberg at mississippi.com -//
//- Work = stephen.berg at noaa.gov -//
//- http://iceberg.3c0x1.com/ -/- http://www.3c0x1.com -//
Sinners can repent, but stupid is forever.
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list