Difference between revisions of "Passwordless SSH"
Jump to navigation
Jump to search
| Line 12: | Line 12: | ||
*<code>ls -l</code> | *<code>ls -l</code> | ||
*<code>cp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keys</code> | *<code>cp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keys</code> | ||
| + | |||
| + | <br /> | ||
| + | |||
| + | === ESXi1 === | ||
| + | |||
| + | *<code>mkdir /vmfs/volumes/Admin/Utilities/ssl</code> | ||
| + | *<code>mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi0</code> | ||
| + | *<code>mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keys</code> | ||
| + | *<code>mkdir /.ssh</code> | ||
| + | *<code>cd /.ssh</code> | ||
| + | *<code>/usr/lib/vmware/openssh/bin/ssh-keygen -t rsa -b 4096</code> | ||
| + | *<code>ls</code> | ||
| + | *<code>cat id_rsa.pub | ssh root@ESXi0 'cat >> /etc/ssh/keys-root/authorized_keys'</code> | ||
| + | *<code>cd /etc/ssh/keys-root/</code> | ||
| + | *<code>ls -l</code> | ||
| + | *<code>cp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keys</code> | ||
| + | *vi /etc/ssh/sshd_config | ||
| + | |||
| + | PermitRootLogin yes | ||
| + | |||
| + | UsePAM yes | ||
| + | |||
| + | <nowiki>#</nowiki> only use PAM challenge-response (keyboard-interactive) | ||
| + | |||
| + | PasswordAuthentication no | ||
| + | |||
| + | <nowiki>#</nowiki> ?????? # | ||
| + | |||
| + | ChallengeResponseAuthentication no | ||
Revision as of 23:20, 6 July 2020
ESXi0
mkdir /vmfs/volumes/Admin/Utilities/sslmkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi1mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keysmkdir /.sshcd /.ssh/usr/lib/vmware/openssh/bin/ssh-keygen -t rsa -b 4096lscat id_rsa.pub | ssh root@ESXi1 'cat >> /etc/ssh/keys-root/authorized_keys'cd /etc/ssh/keys-root/ls -lcp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keys
ESXi1
mkdir /vmfs/volumes/Admin/Utilities/sslmkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi0mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keysmkdir /.sshcd /.ssh/usr/lib/vmware/openssh/bin/ssh-keygen -t rsa -b 4096lscat id_rsa.pub | ssh root@ESXi0 'cat >> /etc/ssh/keys-root/authorized_keys'cd /etc/ssh/keys-root/ls -lcp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keys- vi /etc/ssh/sshd_config
PermitRootLogin yes
UsePAM yes
# only use PAM challenge-response (keyboard-interactive)
PasswordAuthentication no
# ?????? #
ChallengeResponseAuthentication no
