Steps that we'll cover:
1. Set up .ssh under /home/user/.
2. Create a DSA keypair (private/public).
3. Copy the public key from one server to the other.
4. Append the public key info to the authorized_keys file.
5. Update twitter account with link to this article.
[TO BE DONE ON BOTH SERVERS]
First, make sure your user has the correct home directory structure set up:
mkdir -p /home/
cd /home/user
Next, we'll generate a DSA (as opposed to RSA) keypair:
ssh-keygen -t dsa
You should now see these files in your .ssh directory:
id_dsa - Private key (DO NOT DISTRIBUTE THIS FILE!)
id_dsa.pub - Public Key (This is the one to distribute)
Now we'll ssh from SERVER1 to SERVER2:
ssh
cd /home/
Now use scp to get the public key from SERVER1:
scp
(this will grab the id_dsa.pub from SERVER1 and rename it in the current directory)
Append the public key to the authorized_keys file:
cat SERVER1.pub >> authorized_keys
Perform the same steps on the other server. If you only need a one-way connection, then you should only set up one server with the public key. A basic rule of security in any operating system is: If you don't need it, don't enable it!
I should also mention that OpenSSH was created by uber-genius Theo de Raadt (as part of the OpenBSD O/S project) who lives in Alberta, Canada. He was born in South America, but we won't hold that against him...
OpenSSH is THE secure remote access standard on (AFAIK) all Linux/BSD/Unix operating systems. I believe it to be the most important utility ever developed...yeah, it's that important!