...

  • macOS (local client) to RHEL (remote server)
  • RHEL (local client) to RHEL (remote server)

Some important points

  • Each local home directory on a client needs only one key pair generated. This key pair can be used for multiple servers.
  • If all the servers mount a central network home, you only need to exchange keys with one server; only one exchange is needed per server home directory.
  • If you have multiple server accounts, you will have to add the key to each account's authorized_keys file.
  • Each client requires an exchange, and if you have multiple local accounts that you ssh from per client, each local account needs to have the exchange done.

KEY GENERATION - Generate a Public/Private Key Pair on the local client machine:

Open a Terminal window on your local machine and type the following:

...


Your public key has been saved in ~/.ssh/id_rsa.pub

KEY EXCHANGE - Transfer the Public Key to Remote Server

You now need to copy your public key to the machines that you want to SSH to. You must copy the public key to each remote machine.

  1. SSH to the remote machine: 

    ssh <username>@<remotemachine>


  2. Then confirm the remote machine has a ".ssh" folder in your account's home directory: 

    ls -la ~


  3. If it does not, create the .ssh folder: 

    mkdir ~/.ssh


  4. Now copy your local public key to the home directory of the remote server. Repeat for each account:

    scp ~/.ssh/id_rsa.pub <username>@<remotemachine>:~/.ssh/<localmachinename>.pub

    where <localmachinename> will help identify the source of the public key.

    Now SSH into the remote machine you have copied the file to, and cd to the .ssh directory in your home directory: 

    cd ~/.ssh


  5. You'll see the <localmachinename>.pub file you just copied over. Add its contents to a file named "authorized_keys":

    cat ~/.ssh/<localmachinename>.pub >> ~/.ssh/authorized_keys


  6. Make sure that the directory and its files are only accessible by your account:

    chmod 700 ~/.ssh
    chmod go-rwx ~/.ssh/*


  7. Back on the local machine, test SSH:

    ssh <username>@<remotemachine>

    which should result in a login without a password. 

  8. Repeat for every remote machine that does not have a centralized network home directory.
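
The remote-side part of the exchange (steps 3, 5 and 6) can be made repeatable with a small shell function. This is an added example, not part of the original page: the names install_pubkey and count_keys are hypothetical helpers, and the function goes slightly beyond the steps above by skipping a key that is already present and by refusing a file that is not a public key.

```shell
#!/bin/sh
# Added example: idempotent form of steps 3, 5 and 6, run on the remote server.
# install_pubkey and count_keys are hypothetical helper names, not OpenSSH tools.

# install_pubkey <public-key-file> [ssh-dir]
# Returns 0 if the key was added or was already present, 1 on bad input.
install_pubkey() {
    pub=$1
    dir=${2:-"$HOME/.ssh"}
    auth="$dir/authorized_keys"

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Use the first non-empty line and refuse anything that is not a public
    # key, so a private key copied by mistake never lands in authorized_keys.
    key=$(grep -v '^[[:space:]]*$' "$pub" | head -n 1)
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "$pub does not look like an OpenSSH public key" >&2; return 1 ;;
    esac

    # Step 3: create the folder if missing. Step 6: owner-only access.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1

    # Create authorized_keys with owner-only permissions before writing.
    ( umask 077; touch "$auth" ) || return 1

    # If the existing file lacks a final newline, add one so the new key
    # is not glued onto the previous entry.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        echo >> "$auth"
    fi

    # Step 5: append only if this exact line is not already present.
    if ! grep -qxF -- "$key" "$auth"; then
        printf '%s\n' "$key" >> "$auth" || return 1
    fi
    chmod 600 "$auth"
}

# Number of authorized keys (non-empty, non-comment lines) in a file.
count_keys() {
    grep -cv -e '^[[:space:]]*$' -e '^#' "$1"
}
```

After sourcing the file on the remote server, `install_pubkey ~/.ssh/<localmachinename>.pub` replaces the manual `cat` and `chmod` commands and can be re-run safely.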