Lesson 1.4: Access remote systems using SSH
[root@client bin]# dnf install openssh-server [root@client bin]# dnf install -y openssh-clients [root@client bin]# systemctl enable --now sshd [root@client bin]# systemctl status sshd
output
● sshd.service - OpenSSH server daemon Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; preset: enabled) Active: active (running) since Sat 2024-04-06 08:47:20 +0545; 28s ago Docs: man:sshd(8) man:sshd_config(5) Main PID: 11214 (sshd) Tasks: 1 (limit: 22585) Memory: 1.3M CPU: 6ms CGroup: /system.slice/sshd.service └─11214 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"
Machine 1 - Server Configutation
[sanjeeb@server ~]$ hostname server [sanjeeb@server ~]$ hostname -I 192.168.208.120
Machine 2 - Client Configutation
[sanjeeb@client ~]$ hostname client [sanjeeb@client ~]$ hostname -I 192.168.208.130
Machine 1 --> Machine 2
[sanjeeb@server ~]$ ssh sanjeeb@192.168.208.130 The authenticity of host '192.168.208.130 (192.168.208.130)' can't be established. ED25519 key fingerprint is SHA256:HOPA4UyrPYpCEWcP4vMfeocqZn9r5fEBYgg9+lXNyeY. This host key is known by the following other names/addresses: ~/.ssh/known_hosts:1: 192.168.208.136 Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '192.168.208.130' (ED25519) to the list of known hosts. sanjeeb@192.168.208.130's password: Last login: Fri Apr 5 17:58:46 2024
Machine 1 - Generating SSH Key & Copying it to Machine 2
[sanjeeb@server ~]$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/sanjeeb/.ssh/id_rsa): /home/sanjeeb/.ssh/id_rsa already exists. Overwrite (y/n)? y Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/sanjeeb/.ssh/id_rsa Your public key has been saved in /home/sanjeeb/.ssh/id_rsa.pub The key fingerprint is: SHA256:e6+iQ8yUsMAvLRZvimHqzhngCNdgdKJSM/FtA6tW5I8 sanjeeb@server The key's randomart image is: +---[RSA 3072]----+ | .B.+ | | ++O.+ | |o o*=o+. | |oo+=*+o. | |=++=E+. S | |Bo. + . | |oo . . . | |..o . .. . | |.+ .o .... | +----[SHA256]-----+
[sanjeeb@server ~]$ ssh-copy-id sanjeeb@192.168.208.130 /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys sanjeeb@192.168.208.130's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'sanjeeb@192.168.208.130'" and check to make sure that only the key(s) you wanted were added.
Machine 2 - Accessing Machine 1 from Machine 2 without Password Prompt
This shows that the authorized_keys.
[sanjeeb@client .ssh]$ pwd /home/sanjeeb/.ssh [sanjeeb@client .ssh]$ cat authorized_keys ssh-rsa AAAAB.......91YUs= sanjeeb@server
Now Machine 2 will not require the password of the Machine 1 user when connecting from Machine 1 to Machine 2.
[sanjeeb@server ~]$ ssh sanjeeb@192.168.208.130 Last login: Sat Apr 6 10:01:05 2024 from 192.168.208.120