2009-06-22

How to set up a trusted server via SSH (Linux)

-------------------------------------------------------------


Assume we have 2 servers named "serv1 - 10.3.0.11" and "serv2 - 10.3.0.12".
We would like to ssh from serv1 to serv2 without a password, so we need to
make serv2 trust serv1. The steps are as follows.

Assumption 2: the user names
serv1:KUSER1
serv2:ORACLE


1) On serv1: log in as user "KUSER1" and generate a private and public key pair.
(kuser1)$ /usr/bin/ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/kuser1/.ssh/id_dsa):
Created directory '/home/kuser1/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/kuser1/.ssh/id_dsa.
Your public key has been saved in /home/kuser1/.ssh/id_dsa.pub.
The key fingerprint is:
11:b3:08:5c:4a:3c:4a:f6:70:f0:ab:a7:21:c7:ca:3c kuser1@serv1
$

Note:
After running the command, it will ask for the location of the private and public keys.
The default is $HOME/.ssh (the .ssh directory under our home directory), and we get 2 files:
id_dsa = private key
id_dsa.pub = public key

2) Copy the public key to the destination server "serv2", into the account of the user you want to log in as.
In this example that is "oracle", so log in as user "oracle" and then create the directory .ssh

serv2[/home/oracle]$ mkdir .ssh
serv2[/home/oracle]$ cd .ssh
serv2[/home/oracle/.ssh]$ cat ../id_dsa.pub > authorized_keys
serv2[/home/oracle/.ssh]$ more authorized_keys
ssh-dss AAAAB3NzaC1kc3MAAACBAMjlIX6/UoFG9QioQsBg+DUTK+bu2tnusDkL+4uAVdRW+6pA5eBaOr2cTB4lkNYlQRTMz4+DXrBJm33VPl94CDvfkTIDQ2rw0+2gOHJx
rWikB4e7CCc9M3a6xZI4Zs/QcuCahN7mwuc+caSJiG/oNCCZlbZx8c5OYl0QlNq+B8SdAAAAFQCpaA/suX2jqo0BQnZTCN0wTO+K/wAAAIEAngAn2U+ZbzD2/Z1hfRj1Ms00
4ZV3wk+NyXzbkm39CFc97MuJOB6DPonQrO74nC07hpzvPSmLIOXu1+NHnNqd/sazaAdzWDTuNNodfGUTEbzo31RIrmc01q0UeTT2stRrW0xAboHSFxfUMbC21nrxjlFIBE81
rBTWtlSQr2kmkWkAAACAOQa9lILJYe/8Mk43SEODHJgWh3g5oa0EGKO7AZ34Otn/An2RbjkFLBo+ZDcvpvaaOTkICCXkjJt2Gstixn6uIPp0yBymr+523HSyaw1cIlEpV9qt
3bLqfosJ/UxsFuCu6SqsR6RGHG02dcwU0RAJ4bP8pnRKfZARoZnX5zYwVg8= kuser1@serv1

3) Test the connection from serv1 as user "kuser1"
(kuser1)$ ssh -l oracle serv2
serv2[/home/oracle]$


Note: if it returns a new prompt on the destination server without asking for a password, it's OK.
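
Step 2 as a reusable function, added here as an example (not the original author's commands; the function names are hypothetical). It appends the key instead of overwriting authorized_keys, sets the file modes that sshd's StrictModes check requires, and refuses a private key file passed by mistake.

```shell
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.

# writable_by_others PATH: succeeds if group or others may write to PATH.
writable_by_others() {
    # Characters 6 and 9 of the "ls -ld" mode string are those write bits.
    case "$(ls -ld "$1" | cut -c6,9)" in
        *w*) return 0 ;;
        *)   return 1 ;;
    esac
}

# install_pubkey PUBKEY_FILE HOME_DIR
# Returns 0 on success, 1 on bad input, 2 if StrictModes would refuse the key.
install_pubkey() {
    pub=$1; home=$2
    sshdir=$home/.ssh; auth=$sshdir/authorized_keys
    [ -f "$pub" ] || { echo "no such file: $pub" >&2; return 1; }
    # Accept exactly one "<type> <base64> [comment]" line; this rejects a
    # private key (id_dsa) copied by mistake instead of id_dsa.pub.
    key=$(grep -v '^[[:space:]]*$' "$pub" || true)
    if [ "$(printf '%s\n' "$key" | wc -l)" -ne 1 ] ||
       ! printf '%s\n' "$key" | grep -Eq '^(sk-)?(ssh|ecdsa)-[a-z0-9@.-]+ [A-Za-z0-9+/]+=*( .*)?$'
    then
        echo "not a single public key line: $pub" >&2; return 1
    fi
    mkdir -p "$sshdir" && chmod 700 "$sshdir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # Append only if absent: "cat key > authorized_keys" would erase every
    # key already trusted for this account.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
    # sshd's StrictModes (on by default) ignores authorized_keys when the home
    # directory, ~/.ssh or the file itself is group- or world-writable.
    for p in "$home" "$sshdir" "$auth"; do
        if writable_by_others "$p"; then
            echo "StrictModes would reject $p (group/world-writable)" >&2
            return 2
        fi
    done
    return 0
}

# Demo on constructed data (not a real key): sh this_file demo
if [ "${1:-}" = demo ]; then
    d=$(mktemp -d) && mkdir "$d/home" && chmod 755 "$d/home"
    echo 'ssh-ed25519 AAAAQ09OU1RSVUNURUQ= kuser1@serv1' > "$d/id.pub"
    install_pubkey "$d/id.pub" "$d/home" && ls -l "$d/home/.ssh"
    rm -rf "$d"
fi
```

On serv2 as oracle this would be called as install_pubkey ../id_dsa.pub "$HOME". The function accepts any key type, but OpenSSH 7.0 and later disable ssh-dss keys by default, so on current systems generate the key with -t ed25519 or -t rsa instead of -t dsa.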