Solaris: create ssh keys for quick server logins

Contributed by mcdsco  
Tagged: Solaris security  

To make access to both servers easier, I created ssh keys so I can shell from server to server with no password. Following the steps in this Tech-Recipe makes it possible to log in to one system from another painlessly.


To create and distribute the SSH key, follow these steps:

# cd ~/.ssh

(If the directory doesn’t exist, create it under the ldap user’s home directory, which according to the document is /var/Sun/mps.)

# ssh-keygen -t rsa -N ""

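and accept all defaults. This will create two files in the ~/.ssh directory: id_rsa and id_rsa.pub. id_rsa.pub is a text file with the public key in it (the half you share). id_rsa is the private key; because -N "" sets an empty passphrase, it is stored unencrypted and must stay readable only by its owner.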

# cat id_rsa.pub

then highlight all of the text and copy it to the clipboard.

# ssh ldap@ldapserver2
cd ~/.ssh
vi authorized_keys

Hit “i” to put vi in insert mode, then paste the key into the file. Press ESC and type :wq to write and quit vi. The result should be something like this:

(this should be one contiguous line; I added line breaks to fit within the document)
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAmhhdjseAbeHL2gHtPH3MAiD
k+3Gmcw+0SOozqVFqydhk8xDMh/l9h53QhbkkRsarxEoHZCZ3bc9qISZPJib
9q7uvSRXdgVRM6sMQRWzCqMRwJMz90QL/AejhAiaALGP+aQnp8A2UAzn3
aU9X2YPT+9Y/yKxK45dPR9qJ0YLwFzQr5ltldCYw707yTd/3r8LiBlPh7Q1Pla
XV6ospU9thrAZxhT7EJOQ+Pbrw0AaEXeRNPATzcevF7JWuRANj2DMMP7uQ
swxSkolyLregDCPIP7vVwP2bbktrtg37tdyC1dBrAup2R0hpB+HOlOmHGUyM
q+qzyCp5vujB4V/nyvq9Yw== scott@localhost.localdomain

Now do the same thing again, but in reverse server order … you are going from ldapserver2 to ldapserver1 and entering the RSA public key into ldapserver1’s ~/.ssh/authorized_keys.

If this doesn’t work and you still can’t ssh to and fro between ldapserver1 and ldapserver2, don’t despair; you will have to make alterations to your /etc/sshd_config file, which is unfortunately beyond the scope of this document.
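
Before editing the sshd configuration, it is worth checking two common causes of failure: a key that was split across lines when pasted into vi, and a ~/.ssh directory or authorized_keys file that is writable by group or others, which sshd rejects when StrictModes is enabled (assumed here). The script below is an added example, not part of the original recipe; the function names and the truncated sample key are constructed for illustration.

```shell
#!/bin/sh
# Added example: sanity-check ~/.ssh after pasting a public key.
# Assumes plain "type base64 [comment]" entries (no options prefix).

# Print every line that is not a complete key entry; return 1 if any found.
check_key_lines() {
    awk '
        /^[ \t]*$/ || /^[ \t]*#/ { next }      # skip blanks and comments
        {
            ok = ($1 ~ "^ssh-(rsa|dss|ed25519)$") &&
                 ($2 ~ "^[A-Za-z0-9+/]+=*$") &&
                 (length($2) % 4 == 0)          # base64 comes in 4-char groups
            if (!ok) { printf "line %d: not a complete key entry\n", NR; bad = 1 }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Return 1 if the path is writable by group or others.
check_not_writable() {
    mode=$(ls -ld "$1" | cut -c6,9)   # group-write and other-write flags
    case "$mode" in
        *w*) echo "$1: writable by group or others"; return 1 ;;
    esac
    return 0
}

# Run all checks on an .ssh directory; return 1 if anything is wrong.
check_ssh_setup() {
    dir=$1; rc=0
    check_not_writable "$dir" || rc=1
    check_not_writable "$dir/authorized_keys" || rc=1
    check_key_lines "$dir/authorized_keys" || rc=1
    return $rc
}

# Demo on constructed data: a (truncated, fake) key pasted with a line break.
demo() {
    d=$(mktemp -d) && chmod 700 "$d"
    printf 'ssh-rsa AAAAB3NzaC1yc2EAAAAB\nIwAAAQEA user@host\n' > "$d/authorized_keys"
    chmod 600 "$d/authorized_keys"
    check_ssh_setup "$d" || echo "fix the problems above, then retry ssh"
    rm -rf "$d"
}
if [ $# -eq 0 ]; then demo; else check_ssh_setup "$1"; fi
```

Run it with a directory argument, for example ~/.ssh, to check a real setup on each server.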

 

2 Comments -


  1. welerson said on May 20, 2009

    configuring ssh key

  2. Anonymous said on September 4, 2009

    If I want to use keys exclusively, what is the most secure thing to do with my passwd expiration that will not exclude cron, sftp capability?

 
