Script utilisant SSH (scp, rsync) / Connexion entre 2 serveurs sans saisie de mot de passe
Ref : http://www.linuxproblem.org/art_9.html
But : Utiliser Linux et OpenSSH pour automatiser une tâche = créer un script qui fait un login automatique (sans mot de passe) d’un serveur A (user a) vers un serveur B (user b).
1) Log in on A as user a and generate a pair of authentication keys. Do not enter a passphrase :
a@A:~> ssh-keygen -t rsa <enter> .. <enter>
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa):
Created directory ‘/home/a/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A
2) Now use ssh to create a directory ~/.ssh as user b on B. (The directory may already exist, which is fine)
a@A:~> ssh b@B mkdir -p .ssh
b@B's password:
3) Finally append a’s new public key to b@B:.ssh/authorized_keys and enter b’s password one last time
a@A:~> cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
b@B's password:
Testons : From now on you can log into B as b from A as a without password:
a@A:~> ssh b@B On ne doit normalement plus saisir de MdP ?
A note from one of our readers: Depending on your version of SSH you might also have to do the following changes:
• Put the public key in .ssh/authorized_keys2
• Change the permissions of .ssh to 700
• Change the permissions of .ssh/authorized_keys2 to 640
Exemple de bug rencontré : ssh sans saisie pswd avec le user ‘otrs’ : impossible !
→ Solution : Création d’un nouveau User ou utilisation d’un User qui fonctionne !