Difference between revisions of "Passwordless SSH"
Jump to navigation
Jump to search
| Line 4: | Line 4: | ||
===ESXi to ESXi=== | ===ESXi to ESXi=== | ||
| + | Source: [https://cormachogan.com/2016/04/13/ssh-esxi-hosts-without-providing-password/ How to SSH between ESXi 6.0U2 hosts without providing a password] | ||
| + | |||
The following 2 sections are basically lists of Copy-Pasta commands for each server. | The following 2 sections are basically lists of Copy-Pasta commands for each server. | ||
| Line 19: | Line 21: | ||
*<code>ls -l</code> | *<code>ls -l</code> | ||
*<code>cp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keys</code> | *<code>cp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keys</code> | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
====ESXi1==== | ====ESXi1==== | ||
| Line 43: | Line 35: | ||
*<code>ls -l</code> | *<code>ls -l</code> | ||
*<code>cp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keys</code> | *<code>cp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keys</code> | ||
| + | |||
| + | ==== On Both Servers ==== | ||
| + | |||
*<code>vi /etc/ssh/sshd_config</code> | *<code>vi /etc/ssh/sshd_config</code> | ||
*(Ensure the following items are in the file) | *(Ensure the following items are in the file) | ||
| Line 55: | Line 50: | ||
At this point, you should be able to SSH from one to the other without needing to enter a password. | At this point, you should be able to SSH from one to the other without needing to enter a password. | ||
| − | === ESXi to Linux === | + | ===ESXi to Linux=== |
| − | === Linux to ESXi === | + | ===Linux to ESXi=== |
Revision as of 23:41, 6 July 2020
These instructions assume 2 ESXi servers: ESXi0 & ESXi1
Both of these servers have a datastore named Admin for Administrative stuff and a Folder named Utilities for storing useful things.
ESXi to ESXi
Source: How to SSH between ESXi 6.0U2 hosts without providing a password
The following 2 sections are basically lists of Copy-Pasta commands for each server.
ESXi0
mkdir /vmfs/volumes/Admin/Utilities/sslmkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi1mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keysmkdir /.sshcd /.ssh/usr/lib/vmware/openssh/bin/ssh-keygen -t rsa -b 4096lscat id_rsa.pub | ssh root@ESXi1 'cat >> /etc/ssh/keys-root/authorized_keys'cd /etc/ssh/keys-root/ls -lcp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi1/keys
ESXi1
mkdir /vmfs/volumes/Admin/Utilities/sslmkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi0mkdir /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keysmkdir /.sshcd /.ssh/usr/lib/vmware/openssh/bin/ssh-keygen -t rsa -b 4096lscat id_rsa.pub | ssh root@ESXi0 'cat >> /etc/ssh/keys-root/authorized_keys'cd /etc/ssh/keys-root/ls -lcp /.ssh/* /vmfs/volumes/Admin/Utilities/ssl/ESXi0/keys
On Both Servers
vi /etc/ssh/sshd_config- (Ensure the following items are in the file)
PermitRootLogin yes UsePAM yes # only use PAM challenge-response (keyboard-interactive) PasswordAuthentication no
/etc/init.d/SSH restart
At this point, you should be able to SSH from one to the other without needing to enter a password.
