Difference between revisions of "Passwordless SSH"
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
| + | These instructions assume 2 ESXi servers: ESXi0 & ESXi1 | ||
| + | |||
| + | Both of these servers have a datastore named '''Admin''' for Administrative stuff and a Folder named '''Utilities''' for storing useful things. | ||
| + | |||
| + | The following 2 sections are basically lists of Copy-Pasta commands for each server. | ||
| + | |||
===ESXi0=== | ===ESXi0=== | ||
| Line 14: | Line 20: | ||
*<code>vi /etc/ssh/sshd_config</code> | *<code>vi /etc/ssh/sshd_config</code> | ||
| + | *(Ensure the following items are in the file) | ||
PermitRootLogin yes | PermitRootLogin yes | ||
| Line 19: | Line 26: | ||
# only use PAM challenge-response (keyboard-interactive) | # only use PAM challenge-response (keyboard-interactive) | ||
PasswordAuthentication no | PasswordAuthentication no | ||
| − | |||
| − | |||
*<code>/etc/init.d/SSH restart</code> | *<code>/etc/init.d/SSH restart</code> | ||
| Line 40: | Line 45: | ||
*<code>cp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keys</code> | *<code>cp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keys</code> | ||
*<code>vi /etc/ssh/sshd_config</code> | *<code>vi /etc/ssh/sshd_config</code> | ||
| + | *(Ensure the following items are in the file) | ||
PermitRootLogin yes | PermitRootLogin yes | ||
| Line 45: | Line 51: | ||
# only use PAM challenge-response (keyboard-interactive) | # only use PAM challenge-response (keyboard-interactive) | ||
PasswordAuthentication no | PasswordAuthentication no | ||
| − | |||
| − | |||
*<code>/etc/init.d/SSH restart</code> | *<code>/etc/init.d/SSH restart</code> | ||
Revision as of 23:33, 6 July 2020
These instructions assume 2 ESXi servers: ESXi0 & ESXi1
Both of these servers have a datastore named Admin for Administrative stuff and a Folder named Utilities for storing useful things.
The following 2 sections are basically lists of Copy-Pasta commands for each server.
ESXi0
mkdir /vmfs/volumes/Admin/Utilities/sslmkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi1mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keysmkdir /.sshcd /.ssh/usr/lib/vmware/openssh/bin/ssh-keygen -t rsa -b 4096lscat id_rsa.pub | ssh root@ESXi1 'cat >> /etc/ssh/keys-root/authorized_keys'cd /etc/ssh/keys-root/ls -lcp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keys
vi /etc/ssh/sshd_config- (Ensure the following items are in the file)
PermitRootLogin yes UsePAM yes # only use PAM challenge-response (keyboard-interactive) PasswordAuthentication no
/etc/init.d/SSH restart
ESXi1
mkdir /vmfs/volumes/Admin/Utilities/sslmkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi0mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keysmkdir /.sshcd /.ssh/usr/lib/vmware/openssh/bin/ssh-keygen -t rsa -b 4096lscat id_rsa.pub | ssh root@ESXi0 'cat >> /etc/ssh/keys-root/authorized_keys'cd /etc/ssh/keys-root/ls -lcp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keysvi /etc/ssh/sshd_config- (Ensure the following items are in the file)
PermitRootLogin yes UsePAM yes # only use PAM challenge-response (keyboard-interactive) PasswordAuthentication no
/etc/init.d/SSH restart
