Passwordless SSH
		
		
		
		
		
		
These instructions assume two ESXi servers: ESXi0 and ESXi1.
Both servers have a datastore named Admin for administrative files, containing a folder named Utilities for storing useful things.
ESXi to ESXi
The following 2 sections are basically lists of Copy-Pasta commands for each server.
ESXi0
- mkdir /vmfs/volumes/Admin/Utilities/ssl
- mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi1
- mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keys
- mkdir /.ssh
- cd /.ssh
- /usr/lib/vmware/openssh/bin/ssh-keygen -t rsa -b 4096
- ls
- cat id_rsa.pub | ssh root@ESXi1 'cat >> /etc/ssh/keys-root/authorized_keys'
- cd /etc/ssh/keys-root/
- ls -l
- cp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keys
- vi /etc/ssh/sshd_config
- (Ensure the following items are in the file)
    PermitRootLogin yes
    UsePAM yes
    # only use PAM challenge-response (keyboard-interactive)
    PasswordAuthentication no
- /etc/init.d/SSH restart
ESXi1
- mkdir /vmfs/volumes/Admin/Utilities/ssl
- mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi0
- mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keys
- mkdir /.ssh
- cd /.ssh
- /usr/lib/vmware/openssh/bin/ssh-keygen -t rsa -b 4096
- ls
- cat id_rsa.pub | ssh root@ESXi0 'cat >> /etc/ssh/keys-root/authorized_keys'
- cd /etc/ssh/keys-root/
- ls -l
- cp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keys
- vi /etc/ssh/sshd_config
- (Ensure the following items are in the file)
    PermitRootLogin yes
    UsePAM yes
    # only use PAM challenge-response (keyboard-interactive)
    PasswordAuthentication no
- /etc/init.d/SSH restart
At this point, you should be able to SSH from one to the other without needing to enter a password.
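Since PasswordAuthentication no takes effect at the SSH restart, it helps to confirm first that the three directives are the effective ones and that the public key landed in authorized_keys exactly once. The POSIX sh script below is an added example, not part of the original instructions; the function names and the constructed sample files are assumptions, and Match blocks in sshd_config are not handled.

```shell
#!/bin/sh
# Added example: checks to run before "/etc/init.d/SSH restart".
# Function names are hypothetical; the sample data in demo() is constructed.

# Effective value of a keyword: sshd keeps the FIRST occurrence, keywords are
# case-insensitive, comment and blank lines are skipped.
sshd_value() {  # usage: sshd_value KEYWORD FILE
    awk -v k="$1" 'NF == 0 || $1 ~ /^#/ { next }
        tolower($1) == tolower(k) { print $2; exit }' "$2"
}

# Succeeds only if the three settings listed in the steps above are in effect.
check_sshd_config() {  # usage: check_sshd_config FILE
    rc=0
    for pair in PermitRootLogin=yes UsePAM=yes PasswordAuthentication=no; do
        key=${pair%%=*}; want=${pair#*=}
        got=$(sshd_value "$key" "$1")
        [ "$got" = "$want" ] && continue
        echo "MISMATCH: $key is '${got:-unset}', expected '$want'" >&2
        rc=1
    done
    return $rc
}

# Number of authorized_keys entries carrying the base64 blob of PUBKEY_FILE.
# 0 means key login will fail; more than 1 means "cat >>" was run repeatedly.
key_count() {  # usage: key_count PUBKEY_FILE AUTHORIZED_KEYS_FILE
    blob=$(awk '{ print $2; exit }' "$1")
    awk -v b="$blob" '$1 ~ /^#/ { next }
        { for (i = 1; i <= NF; i++) if ($i == b) { n++; break } }
        END { print n + 0 }' "$2"
}

# Constructed sample: a config with a later, ineffective duplicate directive
# and an authorized_keys file where the same key was appended twice.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'PermitRootLogin yes' 'UsePAM yes' \
        '# only use PAM challenge-response (keyboard-interactive)' \
        'PasswordAuthentication no' 'PasswordAuthentication yes' > "$d/sshd_config"
    echo 'ssh-rsa AAAAB3CONSTRUCTED root@ESXi0' > "$d/id_rsa.pub"
    cat "$d/id_rsa.pub" "$d/id_rsa.pub" > "$d/authorized_keys"
    check_sshd_config "$d/sshd_config" && echo "sshd_config OK"
    echo "key entries: $(key_count "$d/id_rsa.pub" "$d/authorized_keys")"
    rm -rf "$d"
}
demo
```

On a real host, point check_sshd_config at /etc/ssh/sshd_config and key_count at /.ssh/id_rsa.pub plus a copy of the other server's /etc/ssh/keys-root/authorized_keys.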
