Solaris: Create SSH Keys for Quick Server Logins

Posted November 20, 2006 by mcdsco in Solaris security

To make access to both servers easier, I have created keys for SSH so that I can shell server to server with no password. Following the steps in this Tech-Recipe will make it possible for you to log in painlessly from one system to another.

To create and distribute the SSH key, follow these steps:

# cd ~/.ssh

(If the directory does not exist, create it under LDAP’s home directory, which according to the document is /var/Sun/mps.)

# ssh-keygen -t rsa -N ""

Accept all defaults. This will create two files in the ~/.ssh directory: id_rsa and The text file has the shared key in it.

# cat

Then highlight all of the text and copy it to the clipboard.

# ssh ldap@ldapserver2
cd ~/.ssh
vi authorized_keys

Press i to enter insert mode, and then paste the key into the file. Press ESC, type :wq, and press Enter to write the file and quit vi. The result should be something like this:

(This should be one contiguous line. I put line breaks to fit within the document.)
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAmhhdjseAbeHL2gHtPH3MAiD
q+qzyCp5vujB4V/nyvq9Yw== [email protected]

Now, do the same thing again, but in reverse server order. You are going from ldapserver2 to ldapserver1 and entering the RSA public key into ldapserver1’s ~/.ssh/authorized_keys.

If this does not let you SSH back and forth between ldapserver1 and ldapserver2, do not despair. You will have to make alterations to your /etc/sshd_config file, which is unfortunately beyond the scope of this document.

The Conversation

  • welerson

    configuring SSH key

  • Anonymous

    If I want to use keys exclusively, what is the most secure thing to do with my passwd expiration that will not exclude cron and sftp capability?