Ssh simple explanation: Difference between revisions
Jump to navigation
Jump to search
(Created page with "No matter how many times I configure ssh keys, I rarely have the process go smoothly. It is time to write down how it works so I can get it straight in my head. ===Moving piece…") |
|||
| Line 9: | Line 9: | ||
===ssh without passwords for cron === | ===ssh without passwords for cron === | ||
A special private key can be generated without a passphrase. Distribute the public key as normal, but when issuing the ssh command in a script, include the identity (private key) without a passphrase: | A special private key can be generated without a passphrase. Distribute the public key as normal, but when issuing the ssh command in a script, include the identity (private key) without a passphrase: | ||
ssh -i /home/rday/.ssh/cronkey | ssh -i /home/rday/.ssh/cronkey <remote machine> command | ||
There, that wasn't so hard. | There, that wasn't so hard. | ||
Revision as of 23:05, 3 May 2011
No matter how many times I configure ssh keys, I rarely have the process go smoothly. It is time to write down how it works so I can get it straight in my head.
Moving pieces
- private key : generate this with ssh-keygen. It must have 0600 permissions and usually lives in ~/.ssh
- public key : generate this with ssh-keygen. It must have 0600 permissions and usually lives in ~/.ssh. This file should be distributed to remote hosts and placed in the authorized keys files to allow ssh access to that remote host.
- authorized keys file : this is a list of users and hosts that have access via ssh to this account
- known hosts file : a list of hosts that have been visited and thus authorized
ssh without passwords for cron
A special private key can be generated without a passphrase. Distribute the public key as normal, but when issuing the ssh command in a script, include the identity (private key) without a passphrase:
ssh -i /home/rday/.ssh/cronkey <remote machine> command
There, that wasn't so hard.