Setting up SSH keys - KeegMitch/Operations-Engineering-group-c GitHub Wiki

Had some issues

Generate SSH key

ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa_<server>

e.g.

ssh-keygen -t rsa -b 4096 -f ~/.ssh/id_rsa_db_1

  • Leave the passphrase blank: a passphrase will cause problems when you try to automate your scripts that sync to the remote servers. With no passphrase, the file permissions set below are the only thing protecting the private key.


Set the permissions of both the public and private key to 600:

sudo chmod 600 ~/.ssh/id_rsa_db_1 && sudo chmod 600 ~/.ssh/id_rsa_db_1.pub

Copy into the remote server

Note: This example copies the key from the database server to the backup server, but do the same with the storage server as well, with mgmt, db, and app.

ssh-copy-id -i ~/.ssh/id_rsa_db_1.pub group-c@backup-c


For the storage server to use ssh-copy-id you have to change ownership to this:

sudo chown group-c:group-c ~/.ssh
sudo chown group-c:group-c ~/.ssh/authorized_keys

Manually copy it (not recommended unless you want a constant password prompt)

  • Copy the contents of your public key into a notepad editor. You can display it using this command:

sudo cat ~/.ssh/id_rsa_db_1.pub

  • Create these if they don't already exist

sudo mkdir -p ~/.ssh
sudo touch ~/.ssh/authorized_keys

  • Edit the authorized_keys file

sudo vim ~/.ssh/authorized_keys

  • Paste the contents of your public key here

  • Restart ssh on both of the servers in question: sudo systemctl restart ssh

Set permissions

sudo chmod 700 ~/.ssh
sudo chmod 600 ~/.ssh/authorized_keys
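
An added example (not part of the original wiki) that checks the modes and ownership set on this page; files created with sudo end up owned by root, which is why the chown step above was needed. It assumes GNU stat on Linux, and the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example, not from the wiki: audit ~/.ssh against the modes this page sets.
# Assumes GNU coreutils stat (Linux). Function names are hypothetical.

# check_mode PATH MODE: report a missing path or a mode other than MODE.
check_mode() {
    local path="$1" want="$2" got
    if [ ! -e "$path" ]; then
        echo "MISSING $path"
        return 1
    fi
    got=$(stat -c '%a' "$path")
    if [ "$got" != "$want" ]; then
        echo "MODE    $path is $got, expected $want"
        return 1
    fi
    return 0
}

# check_owner PATH UID: report a path owned by a different uid, e.g. root
# after "sudo touch". Missing paths are already reported by check_mode.
check_owner() {
    local path="$1" want="$2" got
    [ -e "$path" ] || return 0
    got=$(stat -c '%u' "$path")
    if [ "$got" != "$want" ]; then
        echo "OWNER   $path has uid $got, expected $want"
        return 1
    fi
    return 0
}

# audit_ssh_dir DIR UID FILE...: DIR must be 700, each FILE in it 600, all
# owned by UID. The exit status is the number of findings (0 means clean).
audit_ssh_dir() {
    local dir="$1" uid="$2" findings=0 f
    shift 2
    check_mode "$dir" 700 || findings=$((findings + 1))
    check_owner "$dir" "$uid" || findings=$((findings + 1))
    for f in "$@"; do
        check_mode "$dir/$f" 600 || findings=$((findings + 1))
        check_owner "$dir/$f" "$uid" || findings=$((findings + 1))
    done
    return "$findings"
}

# On the client:  audit_ssh_dir ~/.ssh "$(id -u)" id_rsa_db_1 id_rsa_db_1.pub
# On the server:  audit_ssh_dir ~/.ssh "$(id -u)" authorized_keys
```

Source the file, then run the call for the side you are on before retrying the connection with -v.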

SSH into the remote server

ssh -i ~/.ssh/id_rsa_db_1 group-c@backup-c

Note: you can also use the -v (verbose) flag to troubleshoot any errors

You should be able to connect to the remote server when you specify the SSH key specific to that server, and it should automatically be added to the authorized_keys file.
