
Setting up SSH authentication between two Linux/Unix/macOS hosts - quick reference

You have two hosts and want password-less SSH access from the local system to the remote system. This is easy to script: every command is run from the local system, using ssh into the remote system. The first commands prompt for the remote password, but once they have all run you will have password-less authentication set up.

Tasks on Source System:
(Note that for ESXi 5.x, 6.0, 6.5 and 6.7, authorized_keys is located at /etc/ssh/keys-<username>/authorized_keys.)

  • ssh-keygen -t rsa
  • ssh remoteuser@remotehost mkdir -p .ssh
  • cat .ssh/id_rsa.pub | ssh remoteuser@remotehost 'cat >> .ssh/authorized_keys'
  • ssh remoteuser@remotehost "chmod 700 .ssh; chmod 640 .ssh/authorized_keys"
  • ssh remoteuser@remotehost

For two AWS instances we could do the following.
Call the two systems control and managed, where the control machine is your source and the managed machine is the remote or target.

  • Log into the control machine and perform the following.
    • ssh -i "PRIVATE-KEY.pem" ec2-user@ec2-1-2-3-4.eu-west-1.compute.amazonaws.com
    • ssh-keygen -t rsa
    • cat .ssh/id_rsa.pub
    • Securely copy the output above; this is the public key.
  • Now log into the managed machine and perform the following.
    • mkdir -p .ssh
    • vi .ssh/authorized_keys # Create/edit this file
    • Paste the key you copied from the control machine into this file.
    • chmod 700 .ssh
    • chmod 640 .ssh/authorized_keys
  • Now you should be able to ssh to the managed machine from the control machine without specifying a key file or entering a password.
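
Both procedures above end with the same mkdir, append and chmod steps on the target host. Re-running the append adds a duplicate line each time, and appending to an authorized_keys file that lacks a trailing newline merges two keys onto one line. The following is an added example, not part of the original post, that wraps those steps in an idempotent function to run on the target; `install_pubkey` and its arguments are hypothetical names, and the permissions are the ones used in the post.

```shell
#!/bin/sh
# Added example (not from the original post).
# install_pubkey PUBKEY_FILE TARGET_HOME   (hypothetical helper name)
# Appends the public key to TARGET_HOME/.ssh/authorized_keys exactly once
# and applies the permissions used in the post (700 dir, 640 file).
# Returns 0 on success, 1 on unreadable or non-public-key input.
install_pubkey() {
    pubkey_file=$1
    target_home=$2
    [ -r "$pubkey_file" ] || { echo "cannot read $pubkey_file" >&2; return 1; }

    # First non-empty line of the file is treated as the key.
    key=$(grep -v '^[[:space:]]*$' "$pubkey_file" | head -n 1)

    # Refuse anything that is not an OpenSSH public key line, e.g. the
    # private key file (id_rsa) passed by mistake instead of id_rsa.pub.
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not an OpenSSH public key: $pubkey_file" >&2; return 1 ;;
    esac

    ssh_dir=$target_home/.ssh
    auth=$ssh_dir/authorized_keys
    mkdir -p "$ssh_dir" || return 1
    chmod 700 "$ssh_dir"
    touch "$auth"

    # -x whole line, -F fixed string: skip the append if the key is present.
    if ! grep -qxF -- "$key" "$auth"; then
        # If the last byte is not a newline, add one so keys do not merge.
        if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
            echo >> "$auth"
        fi
        printf '%s\n' "$key" >> "$auth"
    fi
    chmod 640 "$auth"
}

# Usage on the target host, after copying id_rsa.pub there:
#   install_pubkey ./id_rsa.pub "$HOME"
```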
