Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 8 Next »

1- create the Private key & Public key ( .pub) on the Client:  ssh-keygen
2- copy the public key to the server: ssh-copy-id
3- To set up SSH agent to avoid retyping passwords, you can do:
4- SSH test ( will ask for the passphrase once!)
5- check the Local keys:
6- check the Remote keys:


1- create the private & Public key on the Client:  

ssh-keygen ( press enter + enter the passphrase )  

ssh-keygen 
passphrase = ansible123

/project # ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:gm6e/5Cv5nMVEnnoeh5aFOvahjBdCoD4zZy4cJTuLwA root@fd9589e5bc79
The key's randomart image is:
+---[RSA 2048]----+
|.. .     o       |
|o +     = .      |
| + * . . =       |
|E = *.  * .      |
|.+ ..o.*S. .     |
|. o.o +o= .      |
| . .oooO o       |
|  .o..*o=        |
|   .o++*o        |
+----[SHA256]-----+
/project #
show keys 
/project # ls /root/.ssh/
id_rsa       id_rsa.pub   known_hosts


/project # more /root/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAxxxxxxxxxxcccccccccccccccccccccccQOka7obnxEqD0ot799TtwsbraxVdiUeaFOymbqCjVeUjVdD8p0+JNlCVJIFRn7dO5nx/PuONUw9n5aW6smNq5TWFF5UfjfIUM7ShCVwOo3wXWPhxJhrl85b9A2WMBTa/hZTeukIbNCI82xq7zuCReTUtA+Oz9P1jVu/WgrijHOf/zkzCSwvHt9MEgdaYy3F6HuoOksTXDGM8nPCw93m9cnSkrdndCL7cJQjOBtz4KluCaALyMs4LwUlBVKy70stjMvxIuVSKnkOqlLD root@fd9589e5bc79
/project #


/project # more /root/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,2C9AC05EC004F4E7CFA7DBFA199FC4EC

qCQ1Rvb1DlmuEoRk964akjn3g0hDN5MCtDLqMwaFfsPbGOQkPCxlvioqaRXX42CD
eH3XQPWziRwPHAfM8+ZEplvumegXLEON9o5H1jC6KHRu7RhcuUsLo+4XBqYSrCru
fLT5ZI3I8zmppb1ycexxxxxxxxxxx+3e/htUwO0N954Mn7UmaWWKxpgcGVZzmyTQ
68ZfkSz3uEQoHtzApR31tn+ZnKbJM2//aA0UsR+Q+cWuXd5QLl/U+vpilhV+PZx8
j/j51pP9c5jDjn/H4LOxWuL5isAPHPYFoZIsj//guoyXM94Z/zztW800492R7DQ1
T9ijXgQhQNwYjiL8/avg4fbE+C4EfRBvgfi2uv+gVeQte9XN+1OyMoDyJ9VdymQF
Dqn/xLRxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxoWrrVSoba6ubr293B1FNDnL
XdCbRvzlMMHBWXYeDUmGevec8vve/jcBmOax+EOfDa4TU+r/0lEQxfVeYetIrv6I
Iv8LWs5Kp2UP4Nu3z9x/Op945JqqYWKU5LIaLuRMwOoc4BXjxhf8gnAvEtI0+LZO
aoI72+44KjUVAUxnGwUCLVsMg5f+8ym7L8IMkfBYfP0EL5u1yNhsnPczkje5QNm+
isp8vUkUNfDf/3AOLy/HsVNgmGO944HBbQoxnWl5tTX6PIELzWMm05jPBU/+rWSl
-----END RSA PRIVATE KEY-----


RSA:

 -Asymmetric Encryption: Private and Public key
 -#Diffie-Hellman
 -2,048 bits (or 617 decimal digits )
 -Rivest-Shamir-Adleman


Private Key:  AES-128-CBC ???
AES:

 -Symmetric Encryption Algorithms
 -Block cipher ( 128-bit block message + 128-bit key) >> 128-bit cipher text
 - Advanced Encryptiuon Standard


On the server  create a pair of key, directory /root/.ssh/



2- copy the public key to the server:

ssh-copy-id  ansible@192.168.99.11 

or just copy the file using: sftp/ssh



Check:  after the ssh-copy-id, on the remote server: before/after   ( /root/.ddh  or /home/<username>/.ssh/ )


3- To set up SSH agent to avoid retyping passwords, you can do:


http://docs.ansible.com/ansible/intro_getting_started.html


$ ssh-agent bash
$ ssh-add ~/.ssh/id_rsa    #here you load the Private key to be used


-l  Lists fingerprints of all identities currently represented by the agent.

[root@hp8300 ~]# ssh-add -l
2048 48:54:e7:a8:d8:cf:79:23:0d:f7:dd:9a:fc:6c:c5:d3 /root/.ssh/id_rsa (RSA)

-L  Lists public key parameters of all identities currently represented by the agent.

[root@hp8300 ~]# ssh-add -L

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyKQ+IXr/yiLt7N/SSh4++V8G3K0ZoU1Pi/M85D/5Gtuh6kq6DAqk/F/lUxc0QFZNVGB9r1fCyVtwuGVhxaImXbziB0gRbBG2uclwwH0bbQUDNm+MJ5QtXjRGCmelNa5DpzfdVI8MzkJN+TI+9PJm1CuuyfBIId554IiFOKsCmt8ORCkU4X+zdXkwZeMv+7jW9sqgYHbEU7m3DU1goJYko8mKMZabpkDUu1sxktGXgMEb3uanID5ViV4VSSxv8c9yVe896cXTmZBra0Dq2NU6WWRWe/fvcukeIO5knNiGTBCpbgpNZM3u11rYbzni/Nun7oKDqBg6+aO4EI0tDn4ZP /root/.ssh/id_rsa



4- SSH test ( will ask for the passphrase once!)


5- check the Local keys: 


6- check the Remote keys: 




  • No labels