Linux: ssh keys - SSH

This is a discussion on Linux: ssh keys - SSH ; Does anyone know how to setup two servers to be able to have ssh keys from each other setup as trusted between the two? This would be so they can scp backup files (.tar) between each other. Thanks in advance ...

+ Reply to Thread
Results 1 to 9 of 9

Thread: Linux: ssh keys

  1. Linux: ssh keys

    Does anyone know how to setup two servers to be able to have ssh keys
    from each other setup as trusted between the two?

    This would be so they can scp backup files (.tar) between each other.

    Thanks in advance if anyone can be of ANY help.


  2. Re: Linux: ssh keys

    Tom:
    >Does anyone know how to setup two servers to be able to have ssh keys
    >from each other setup as trusted between the two?


    OpenSSH: create a key pair with ssh-keygen. Store the public key on the
    remote server, in ~/.ssh/authorized_keys of the user account. Load the
    private key into ssh-agent. And vice versa.
    http://www.suso.org/docs/shell/ssh.sdf

    --
    René Pijlman

  3. Re: Linux: ssh keys

    Okay, I think I get it. One more question:

    Could I just ssh@otherserv from each server which automatically adds it
    to known hosts?

    Also one of the servers doesn't have direct root access. I have to log
    in through a username first. How would I do this?


    Rene Pijlman wrote:
    > Tom:
    > >Does anyone know how to setup two servers to be able to have ssh keys
    > >from each other setup as trusted between the two?

    >
    > OpenSSH: create a key pair with ssh-keygen. Store the public key on the
    > remote server, in ~/.ssh/authorized_keys of the user account. Load the
    > private key into ssh-agent. And vice versa.
    > http://www.suso.org/docs/shell/ssh.sdf
    >
    > --
    > René Pijlman



  4. Re: Linux: ssh keys

    Tom:
    >Could I just ssh@otherserv from each server which automatically adds it
    >to known hosts?


    When you ssh interactively you will be prompted to add the keys to known
    hosts.

    >Also one of the servers doesn't have direct root access. I have to log
    >in through a username first. How would I do this?


    How would you do what?

    --
    René Pijlman

  5. Re: Linux: ssh keys



    > Tom:
    > >Could I just ssh@otherserv from each server which automatically adds it
    > >to known hosts?

    >
    > When you ssh interactively you will be prompted to add the keys to known
    > hosts.

    Will it then store them there so I won't be prompted again? If so that
    would be easier than generated a new key, I think?

    >
    > >Also one of the servers doesn't have direct root access. I have to log
    > >in through a username first. How would I do this?

    >
    > How would you do what?

    Setup the ssh keygen that you mentioned earlier for two users. One is
    "user" and one is "root".


  6. Re: Linux: ssh keys

    >>>>> "TL" == Tom writes:

    >> Tom: >Could I just ssh@otherserv from each server which
    >> automatically adds it >to known hosts?
    >>
    >> When you ssh interactively you will be prompted to add the keys to
    >> known hosts.

    TL> Will it then store them there so I won't be prompted again? If so
    TL> that would be easier than generated a new key, I think?

    You're confusing two different things. The keys you're generating are for
    user authentication. They keys ssh is asking you about are for server
    authentication.

    >> >Also one of the servers doesn't have direct root access. I have

    >> to log >in through a username first. How would I do this?
    >>
    >> How would you do what?

    TL> Setup the ssh keygen that you mentioned earlier for two users.
    TL> One is "user" and one is "root".


    --
    Richard Silverman
    res@qoxp.net


  7. Re: Linux: ssh keys

    Ah, okay. So these are the two different ones:

    user authentication: copy the .pub file from to
    ~/.ssh/authorized_keys.

    server authentication: Load the private key into ssh-agent.

    Is that correct, then? And both will be needed to be setup in order to
    scp files between the two servers. As long as I add the authrized_keys
    for the 'firstuser' and also 'root' then the scp should work without
    prompting?


  8. Re: Linux: ssh keys

    >>>>> "TL" == Tom writes:

    TL> Ah, okay. So these are the two different ones: user
    TL> authentication: copy the .pub file from to ~/.ssh/authorized_keys.

    That's user authorization: telling the server that the owner of that key is
    allowed to access that account.

    TL> server authentication: Load the private key into ssh-agent.

    No. That private key allows you to prove that you own the corresponding
    key mentioned above: user authentication.

    "server authentication" == the client identifying the server
    "user authentication" == the server identifying the client

    The relevant public keys for server auth are in
    {/etc/ssh,~/.ssh}/known_hosts.

    http://www.snailbook.com/faq/no-passphrase.auto.html

    --
    Richard Silverman
    res@qoxp.net


  9. Re: Linux: ssh keys

    Tom:
    >user authentication: copy the .pub file from to
    >~/.ssh/authorized_keys.


    Yes.

    >server authentication: Load the private key into ssh-agent.


    You load the private key into ssh-agent to not be prompted for the private
    key. The server authentication is in ~/.ssh/known_hosts.

    --
    René Pijlman

+ Reply to Thread