Script utilisant SSH (scp, rsync) / Connexion entre 2 serveurs sans saisie de mot de passe

Ref : http://www.linuxproblem.org/art_9.html

But : Utiliser Linux et OpenSSH pour automatiser une tâche = créer un script qui fait un login automatique (sans mot de passe) d’un serveur A (user a) vers un serveur B (user b).

1) Log in on A as user a and generate a pair of authentication keys. Do not enter a passphrase :

a@A:~> ssh-keygen -t rsa     <enter> .. <enter>

Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa):
Created directory ‘/home/a/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A

2) Now use ssh to create a directory ~/.ssh as user b on B. (The directory may already exist, which is fine)

a@A:~> ssh b@B mkdir -p .ssh
b@B's password:

3) Finally append a’s new public key to b@B:.ssh/authorized_keys and enter b’s password one last time

a@A:~> cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
b@B's password:

Testons : From now on you can log into B as b from A as a without password:

a@A:~> ssh b@B   On ne doit normalement plus saisir de MdP ?

A note from one of our readers: Depending on your version of SSH you might also have to do the following changes:
• Put the public key in .ssh/authorized_keys2
• Change the permissions of .ssh to 700
• Change the permissions of .ssh/authorized_keys2 to 640

 

Exemple de bug rencontré :  ssh sans saisie pswd avec le user ‘otrs’ : impossible !
→ Solution : Création d’un nouveau User ou utilisation d’un User qui fonctionne !