Difference between revisions of "Configure SSH connection between servers"
From Kolmisoft Wiki
Jump to navigationJump to search
| (5 intermediate revisions by 3 users not shown) | |||
| Line 14: | Line 14: | ||
# Share the public key with the servers | # Share the public key with the servers | ||
cat /var/www/.ssh/id_rsa.pub | ssh USER@SERVER_IP 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod -R 700 ~/.ssh' | cat /var/www/.ssh/id_rsa.pub | ssh USER@SERVER_IP 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod -R 700 ~/.ssh' | ||
# Repeat this step for all the remote servers you want your GUI to connect to (change USER and SERVER_IP correspondingly) | # Repeat this step for all the remote servers you want your GUI to connect to (change USER and SERVER_IP correspondingly, USER=root for GUI->FS connection) | ||
If you are using Centos 7, add these additional commands: | |||
cp -a /var/www/.ssh/ /usr/share/httpd/ | |||
echo "StrictHostKeyChecking no" >> /usr/share/httpd/.ssh/config | |||
| Line 22: | Line 26: | ||
Retrieve PCAP error: fingerprint 32:0f:3e:0e:3e:5f:04:be:a9:09:e3:82:28:44:89:64 does not match for "1.2.3.4" | Retrieve PCAP error: fingerprint 32:0f:3e:0e:3e:5f:04:be:a9:09:e3:82:28:44:89:64 does not match for "1.2.3.4" | ||
you need to remove 1.2.3.4 from /var/www/.ssh/known_hosts | you need to remove 1.2.3.4 from /var/www/.ssh/known_hosts and/or /usr/share/httpd/.ssh/known_hosts | ||
If you are using different user to connect to server(not root), you might need to change it in Billing - Servers | |||
Latest revision as of 20:13, 2 March 2023
Manual configuration:
On the GUI server:
# Make an SSH key set special for Passenger Apache mkdir -p /var/www/.ssh/
# Generate an RSA key with NO passcode ssh-keygen -f /var/www/.ssh/id_rsa -q -t rsa -N ""
# Make Apache the owner of the keys chown -R apache:apache /var/www/.ssh/
# Share the public key with the servers cat /var/www/.ssh/id_rsa.pub | ssh USER@SERVER_IP 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod -R 700 ~/.ssh' # Repeat this step for all the remote servers you want your GUI to connect to (change USER and SERVER_IP correspondingly, USER=root for GUI->FS connection)
If you are using Centos 7, add these additional commands:
cp -a /var/www/.ssh/ /usr/share/httpd/ echo "StrictHostKeyChecking no" >> /usr/share/httpd/.ssh/config
If keys are configured, but GUI still cannot connect, check gui debug log, if it shows similar error like this:
Retrieve PCAP error: fingerprint 32:0f:3e:0e:3e:5f:04:be:a9:09:e3:82:28:44:89:64 does not match for "1.2.3.4"
you need to remove 1.2.3.4 from /var/www/.ssh/known_hosts and/or /usr/share/httpd/.ssh/known_hosts
If you are using different user to connect to server(not root), you might need to change it in Billing - Servers
