ssh-keygen -t rsa -b 2048
We should end up with a public key here:
~/.ssh/id_rsa.pub
and a private key in here:
~/.ssh/id_rsa
We now need to place our public key on the remote server so it will allow us to login from the origin server:
vi ~/.ssh/authorized_keys
and copy the relevant output of ~/.ssh/id_rsa.pub (from the master server.)
and then attempt to login to the remote server:
ssh root@remote-server
I received the following error message after attempting to login on CentOS 7:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
So to debug this issue we can run the SSH daemon in debug mode:
vi /etc/sysconfig/sshd
and add: OPTIONS="-ddd"
and then restart the SSH daemon:
systemctl restart sshd
and observe the output with tail or something similar:
tail -f /var/log/messages
After reviewing the output I noticed 'key_read missing keytype' - after reviewing the 'authorized_keys' file on the remote server it was immediately obvious what was wrong - the two keys were missing a linebreak between them - lesson learnt!
No comments:
Post a Comment