Sunday, January 27, 2013
SSH Login Without Password Using RSA Algorithm
In this post, we will see how to start multiple servers located across distributed machines in one shot. To do this, we need to connect to the distributed Unix server boxes using the ssh command. When we start the servers manually across these boxes, there is no issue. But if you want to automate this frequent task, a question arises: how do you log in to a remote machine without a password?
Keep reading to find out how to achieve this.
Scenario:
Consider that you have production code running on 9 application servers. These 9 application servers are evenly distributed among 3 Unix server machines. To get a better view of the scenario, see the following diagram.
Now we want to start all 9 application servers frequently, at a specified interval. To do this, we first need to set up SSH key-based login with an RSA key pair.
Implementation of RSA Algorithm:
It is a two-step process.
Step 1: Create public and private keys using ssh-keygen on local-host
thiru@192.168.2.1$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/thiru/.ssh/id_rsa):[Enter key]
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Press enter key]
Your identification has been saved in /home/thiru/.ssh/id_rsa.
Your public key has been saved in /home/thiru/.ssh/id_rsa.pub.
The key fingerprint is:
33:b3:fe:af:91:91:18:21:31:d5:de:91:2f:f1:35:f1
Step 2: Copy the public key to remote-host using ssh-copy-id
thiru@192.168.2.1 $ ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.2.2
thiru@192.168.2.2's password:
Now try logging into the machine, with "ssh 'remote-host'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting
thiru@192.168.2.1 $ ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.2.3
thiru@192.168.2.3's password:
Now try logging into the machine, with "ssh 'remote-host'", and check in: .ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting
Step 3: Login to remote-host without entering the password
thiru@192.168.2.1 $ ssh 192.168.2.2
Last login: Sun Jan 26 17:22:33 2013 from 192.168.2.2
thiru@192.168.2.1$ ssh 192.168.2.3
Last login: Sun Jan 26 17:22:33 2013 from 192.168.2.3
SSH did not ask for a password, so key-based login is working.
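The key created in Step 1 has no passphrase, so anyone who obtains /home/thiru/.ssh/id_rsa can log in to both remote hosts as thiru. As an added example (not part of the original post), the script below builds an authorized_keys entry that accepts the key only from 192.168.2.1 and forces the start_Servers.sh command that the start script in this post runs over ssh, and counts the entries in a file that carry no restrictions. The key body is a constructed placeholder, and the function names are hypothetical.

```bash
#!/bin/bash
# Added example, not from the original post. The key body is a placeholder.

# Options written before the key type limit what the key may do on the server.
RESTRICT_OPTS='no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding'

# restricted_entry <source-ip> <forced-command> <public-key-line>
# Prints an authorized_keys line that accepts the key only from <source-ip>
# and always runs <forced-command>, whatever the client requests.
restricted_entry() {
    case "$3" in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a public key line" >&2; return 1 ;;
    esac
    case "$2" in
        *\"*) echo "double quotes in the command must be escaped" >&2; return 1 ;;
    esac
    printf 'from="%s",command="%s",%s %s\n' "$1" "$2" "$RESTRICT_OPTS" "$3"
}

# count_unrestricted <authorized_keys-file>
# Prints how many lines begin directly with a key type, i.e. carry no options
# and therefore allow an interactive shell from any source address.
count_unrestricted() {
    grep -Ec '^(ssh-(rsa|ed25519|dss)|ecdsa-sha2-[^ ]+) ' "$1" || true
}

# Constructed sample of the line ssh-copy-id appends (not a real key).
SAMPLE_KEY='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABEXAMPLE thiru@192.168.2.1'

demo() {
    tmp=$(mktemp)
    printf '%s\n' "$SAMPLE_KEY" > "$tmp"      # state right after Step 2
    echo "unrestricted before: $(count_unrestricted "$tmp")"
    restricted_entry 192.168.2.1 'sh start_Servers.sh' "$SAMPLE_KEY" > "$tmp"
    echo "unrestricted after:  $(count_unrestricted "$tmp")"
    cat "$tmp"
    rm -f "$tmp"
}

demo
```

With the restricted entry in place, the key no longer opens the interactive session shown in Step 3: sshd runs the forced command and then closes the connection.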
Scripting Part:
A simple script to start all 9 servers on the 3 server machines:
#!/bin/bash
# Program Name: start_All_Servers.sh
# Purpose: Start All Weblogic Servers under 192.168.2.1, 192.168.2.2 and 192.168.2.3 Unix Server Boxes

start_all_servers_in_box1() {
    # In Local Host Machine
    echo "Starting Weblogic Servers in 192.168.2.1 Unix Box"
    sh start_Servers.sh &
}

start_all_servers_in_box2() {
    # Remote host, reached over SSH with the key from Step 1
    echo "Starting Weblogic Servers in 192.168.2.2 Unix Box"
    ssh 192.168.2.2 sh start_Servers.sh &
}

start_all_servers_in_box3() {
    # Remote host, reached over SSH with the key from Step 1
    echo "Starting Weblogic Servers in 192.168.2.3 Unix Box"
    ssh 192.168.2.3 sh start_Servers.sh &
}

# Main Function
start_all_servers_in_box1
start_all_servers_in_box2
start_all_servers_in_box3

I hope this simple script helps someone. If you have any queries or suggestions, feel free to share them with us.
thiru,
If you post screenshots for steps 1, 2 and 3, it will be easy for Unix beginners like me to practice.
Looking forward to your reply
Regards,
Ramprakash Arun.