There is a virtual infrastructure based on Proxmox, where one virtual server acts as the main server (dev, nginx-proxy) and has an external IP. And there are a bunch of additional virtual servers.
A task: you need to configure the ability to log in from the dev-server to other servers using internal IP addresses without entering a password.
Connect to dev server and create public and private keys
[[email protected]]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:rHLydfgdfgdfgcvbcvbcvbG3GM9tosDSERPfsEW8 [email protected] The key's randomart image is: +---[RSA 2048]----+ |^/o. . | |*[email protected]=o o | |.*+*o+ E | |+.+ o o. | |+o. . S | |+. . | |.. o.o. | | . .=. . | | .o .. | +----[SHA256]-----+
As a result of the command execution, 2 files were generated in the ~ / .ssh / directory
- id_rsa.pub – public key
- id_rsa – The secret key
We copy our public key to the server, to which we will connect without entering a password
[[email protected]]# ssh-copy-id [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added.
[[email protected]]# ssh [email protected] Last login: Wed Oct 2 09:48:44 2019 from 192.168.12.2 [[email protected] ~]# ll .ssh total 9 -rw------- 1 root root 396 Oct 2 09:48 authorized_keys -rw-r--r-- 1 root root 193 Sep 19 10:47 known_hosts
The authorized_keys file appeared on the server to which we passed the public key. The content of this file is the content of the public key.
Thus, using the command ssh-copy-id you can transfer the public key to all servers to which we will subsequently connect.