Machine1 (user1)
wants to login Machine2 (user2) without
password.
To configure public-key authentication, follow these steps:
# mkdir ~/.ssh
# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (//.ssh/id_rsa):<Press Enter>
Enter passphrase (empty for no passphrase): <Press Enter>
Enter same passphrase again: <Press Enter>
Your identification has been saved in /tmp/hi.
Your public key has been saved in /tmp/hi.pub.
The key fingerprint is:
84:7d:f5:dd:88:f7:53:88:8a:6e:f7:85:04:28:6e:ed root@<hostname>
|
5.
HP-UX Secure Shell generates
the key pairs id_rsa and id_rsa.pub and stores them in the $HOME/.ssh directory
on the Machine1 system.
6.
Set the following configuration
directive in the /opt/ssh/etc/sshd_config configuration file on the Machine1 system:
PubkeyAuthentication yes
|
9.
To ensure that the permissions
of the home directory of the Machine1, the $HOME/.ssh
directories, and all files under the $HOME/.ssh directory
match the permissions listed in Table 4-2,
run the following commands:
# ll -d $HOME
# ll -d $HOME/.ssh
#ll $HOME/.ssh/
|
File/Directory
|
Permissions
|
$HOME (home directory)
|
drwx------ or drwxr-xr-x
|
$HOME/.ssh
|
drwx------ or drwxr--r--
|
$HOME/.ssh/id_rsa and id_dsa
|
-rw-r--r-- or -rw------
|
$HOME/.ssh/id_rsa.pub and id_dsa.pub
|
-rw-r--r-- or -rw------
|
$HOME/.ssh/config
|
-rwx------
|
#mkdir ~/.ssh [Run this command in Machine2 as user2]
Now the below commands in Machine1 as user1:
#cat $HOME/.ssh/id_dsa.pub |ssh user2@Machine2 ‘cat - >> $HOME/.ssh/authorized_keys
The authenticity of host ’remoteuser.remotehost (15.70.189.130)’ can’t be established
RSA key fingerprint is 2a:c9:77:ad:d5:d3:ef:c3:1e:12:12:9e:3a:9f:c0:38.
Are you sure you want to continue connecting (yes/no)?
|
· To enable public-key authentication, set the following directive in the Machine2 configuration file /opt/ssh/etc/sshd_config:
PubkeyAuthentication yes
|
File/Directory
|
File Permission
|
$HOME (home directory)
|
drwx------ or drwxr-xr-x
|
$HOME/.ssh
|
drwx------ or drwxr--r--
|
$HOME/.ssh/authorized_keys and $HOME/.ssh/authorized_keys2
|
-rw-r--r-- or -rw------
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$ ssh Machine2
|
In order to set
up ssh to only accept login by public key and not interactive login, the
following changes are needed to sshd_config
PermitRootLogin without-password
Change: (remove the # and save the file)
#PubkeyAuthentication yes
to
PubkeyAuthentication yes
You must restart the sshd daemon next to implement:
/sbin/init.d/secsh stop
/sbin/init.d/secsh start
Make sure you have placed a public key file from a system you want to login and tested it first or your access will be console, hands on the keyboard only. That can be a big problem on remote systems.
PermitRootLogin without-password
Change: (remove the # and save the file)
#PubkeyAuthentication yes
to
PubkeyAuthentication yes
You must restart the sshd daemon next to implement:
/sbin/init.d/secsh stop
/sbin/init.d/secsh start
Make sure you have placed a public key file from a system you want to login and tested it first or your access will be console, hands on the keyboard only. That can be a big problem on remote systems.
Unixpedia : Hpux / Linux / Solaris: Hpux : Generation And Distribution Of Ssh Key >>>>> Download Now
ReplyDelete>>>>> Download Full
Unixpedia : Hpux / Linux / Solaris: Hpux : Generation And Distribution Of Ssh Key >>>>> Download LINK
>>>>> Download Now
Unixpedia : Hpux / Linux / Solaris: Hpux : Generation And Distribution Of Ssh Key >>>>> Download Full
>>>>> Download LINK Tk