You have been tasked with finding a way to make some scripts work between servers, without having to store passwords in the script files. You have discovered that one way to do this is by creating a trust relationship between servers by sharing SSH keys between the servers. In this hands-on lab, we will generate SSH keys for two servers and exchange the keys in order to establish a trust relationship between them.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Generate a Key Pair on Client1
  - Generate a key pair (id_rsa.pub and id_rsa) on Client1 (10.0.1.11):
    ssh-keygen -t rsa
- Authorize Client1 to Trust Itself
  - Run the following command on Client1:
    cat /home/cloud_user/.ssh/id_rsa.pub >> /home/cloud_user/.ssh/authorized_keys
  - Verify that the authorization was successful.
    ssh cloud_user@10.0.1.11
- Copy the SSH Key to Server1
  - From Client1, retrieve the hostname of Server1.
    ssh 10.0.1.10 hostname
  - You should be prompted for the cloud_user password.
  - Copy the SSH keys to Server1 to establish trust between the two devices.
    scp -r /home/cloud_user/.ssh* 10.0.1.10:/home/cloud_user/
    Note: In a real environment, using secure copy (scp) is not best practice, as the private key should not be shared with multiple servers. In your own environment, I recommend using the ssh-copy-id command to only copy the public key, as that’s all that’s needed. But for the purposes of this lab, we’ll use the above command.
  - Verify that the trust relationship has been established.
    ssh 10.0.1.10 hostname
  - Run the following two commands on Server1 to verify that the trust relationship has been established:
    ssh 10.0.1.11 hostname
    hostname && ssh 10.0.1.11 hostname
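
The note above says only the public key needs to move between hosts. As an added example (not part of the original lab), the shell function below performs the lab's "cat id_rsa.pub >> authorized_keys" step in a safer form: it refuses private-key files, sets the permissions sshd expects, and skips keys that are already authorized. The names authorize_pubkey and mode_of are hypothetical helpers, not OpenSSH commands.

```shell
#!/bin/sh
# Added example; authorize_pubkey and mode_of are hypothetical helper names.
# Usage on Client1, with the lab's paths:
#   authorize_pubkey /home/cloud_user/.ssh/id_rsa.pub /home/cloud_user/.ssh

# authorize_pubkey PUBKEY_FILE SSH_DIR
# Returns 0 if the key was added, 1 if it was already present, 2 on bad input.
authorize_pubkey() {
    pub=$1
    dir=$2
    auth="$dir/authorized_keys"

    [ -r "$pub" ] || return 2

    # Refuse private-key material: only the .pub half is ever needed.
    if grep -q 'PRIVATE KEY' "$pub"; then
        return 2
    fi

    # A .pub file holds one key on its first line.
    key=$(sed -n '1p' "$pub")
    [ -n "$key" ] || return 2

    # sshd with StrictModes (the default) rejects keys when ~/.ssh or
    # authorized_keys is writable by other users, so pin the modes.
    mkdir -p "$dir" && chmod 700 "$dir" || return 2
    [ -e "$auth" ] || : > "$auth"
    chmod 600 "$auth" || return 2

    # Exact whole-line match keeps re-runs from appending duplicates,
    # which a plain ">>" would do every time.
    if grep -qxF -- "$key" "$auth"; then
        return 1
    fi
    printf '%s\n' "$key" >> "$auth"
    return 0
}

# Print the octal mode of a path (GNU stat first, BSD stat as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}
```
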