Difference between revisions of "Configure SSH connection between servers"

From Kolmisoft Wiki
Jump to navigationJump to search
(10 intermediate revisions by 4 users not shown)
Line 2: Line 2:


On the GUI server:
On the GUI server:
ifconfig <and mark IP of GUI server>


  # Make an SSH key set special for Passenger Apache
  # Make an SSH key set special for Passenger Apache
Line 9: Line 7:


  # Generate an RSA key with NO passcode
  # Generate an RSA key with NO passcode
  ssh-keygen -f /var/www/.ssh/id_rsa -q -t rsa -N ''
  ssh-keygen -f /var/www/.ssh/id_rsa -q -t rsa -N ""


  # Make Apache the owner of the keys
  # Make Apache the owner of the keys
Line 15: Line 13:


  # Share the public key with the servers
  # Share the public key with the servers
  cat /var/www/.ssh/id_rsa.pub | ssh USER@SERVER_IP 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys'
  cat /var/www/.ssh/id_rsa.pub | ssh USER@SERVER_IP 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod -R 700 ~/.ssh'
  # Repeat this step for all the remote servers you want your GUI to connect to (change USER and SERVER_IP correspondingly)
  # Repeat this step for all the remote servers you want your GUI to connect to (change USER and SERVER_IP correspondingly, USER=root for GUI->FS connection)
 
 
If you are using Centos 7, add these additional commands:
  cp -a /var/www/.ssh/ /usr/share/httpd/
  echo "StrictHostKeyChecking no" >> /usr/share/httpd/.ssh/config
 
 
 
If keys are configured, but GUI still cannot connect, check gui debug log, if it shows similar error like this:
Retrieve PCAP error: fingerprint 32:0f:3e:0e:3e:5f:04:be:a9:09:e3:82:28:44:89:64 does not match for "1.2.3.4"
 
you need to remove 1.2.3.4 from /var/www/.ssh/known_hosts

Revision as of 12:46, 13 July 2020

Manual configuration:

On the GUI server:

# Make an SSH key set special for Passenger Apache
mkdir -p /var/www/.ssh/
# Generate an RSA key with NO passcode
ssh-keygen -f /var/www/.ssh/id_rsa -q -t rsa -N ""
# Make Apache the owner of the keys
chown -R apache:apache /var/www/.ssh/
# Share the public key with the servers
cat /var/www/.ssh/id_rsa.pub | ssh USER@SERVER_IP 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod -R 700 ~/.ssh'
# Repeat this step for all the remote servers you want your GUI to connect to (change USER and SERVER_IP correspondingly, USER=root for GUI->FS connection)


If you are using Centos 7, add these additional commands:

 cp -a /var/www/.ssh/ /usr/share/httpd/
 echo "StrictHostKeyChecking no" >> /usr/share/httpd/.ssh/config


If keys are configured, but GUI still cannot connect, check gui debug log, if it shows similar error like this:

Retrieve PCAP error: fingerprint 32:0f:3e:0e:3e:5f:04:be:a9:09:e3:82:28:44:89:64 does not match for "1.2.3.4"

you need to remove 1.2.3.4 from /var/www/.ssh/known_hosts