13,420
edits
Changes
→Generating a Public/Private Key Pair & Sharing Public Key
[[Image:ssh_connection_explained.png|thumb|center|600px|A diagram explaining how public / Private keys work. Another term to represent this process is called '''PKI''' (Public/Private Key Infrastructure) ]]
=== Generating a Public/Private Key Pair & Sharing the Public Key ===
The public/private key pair needs to be generated on and used on your '''host''' machine (i.e. the user/machine you're connecting '''from'''). The private key is the equivalent of a <u>''password''</u> (that it why it is considered to be <u>''private''</u> - only to be used by ''<u>one</u>'' owner). That is why the private key is stored in the owner's '''~/.ssh/''' directory.
If you have the private key, you can prove to someone who has your public key that you are indeed the '''actual owner of that public key'''. That is how ssh key authentication works. You are then only required to transfer your public key to a remote server.
<ol><li value="4">You are going to share the public key from the '''root user in your host machine''' with the '''root user of your vm1 machine'''.</li><li>Make certain you are logged on as '''root'''.</li><li>Copy contents of your '''~/.ssh/id_rsa.pub''' from your host machine, and append the contents to '''~/.ssh/authorized_keys''' on each of your Virtual Machine servers</li><li>Simply issue the Linux command '''ssh-copy-id -i ~/.ssh/id_rsa.pub username@server'''<br><br>In your case: ssh-copy-id -i ~/.ssh/id_rsa.pub root@IPADDR_for_vm1</li><li>Make certain to copy the public key for root on your host to your vm2 and vm3 machines as well.</li><li>Use the ssh command to test each ssh connection between your host and each virtual machine that you can connect to the VMs without having to use a password. This is essential to create backups from VMs to your hostmachine without being prompted for password.</li></ol>
{{Admon/important|Errors in Copying Public Key from Host to VM|If you experience an error when copying the public key from your hostmachine to your VM, it is most likely caused from not permitting root login that you performed in the previous section. Set to allow login from root for each vm, restart your sshd service and then re-run the above command.}}
'''NOTE:''' Always remember that these keys are '''per-user, <u>not</u> per machine'''. This means that sharing a user's public key will only work for that specific user.
== INVESTIGATION 3: PERFORMING & AUTOMATING BACKUPS ==
