Question
How can I log in to or between Linux servers more securely than using a password?
This does include logging between multiple control servers, control servers, and compute resources, and even logging into virtual servers without the need for a password that can be hacked.
Environment
OnApp All Versions
Linux VSs
Answer
An RSA key is a very secure method of logging into a server without a password, while still preventing unauthorized users from accessing the same server. For cloud security, we recommend using SSH keys to access clouds instead of passwords.
To generate an SSH key, you will first need to SSH into the server (you will want to be logged in as the user you want to make the key for. In most cases, it is root).
Then, run the following command:
ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.pub2.
Your public key has been saved in /root/.ssh/id_rsa.pub2.pub.
The key fingerprint is:
bd:26:53:4a:a9:83:6d:0e:31:6c:67:77:8c:b5:9b:e7 root@dev10-cp
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| . |
| . * . |
| = o S * |
| . B + + + |
| o = + = . |
| + . + o |
| . E |
+-----------------+
CODE
From there, add a key to a new server (make sure you're still logged in as the user you want to access):
ssh-copy-id -i /home/<USER>/.ssh/id_rsa.pub root@<NEW SERVER IP>
CODE
This will prompt for the password for the second cloud you are adding it to. Then, the key is added and it will allow you to use the key instead of the password.
See Also: