This blog gives instructions on how to login between linux machines without having to enter passwords. It does this using the secure shell client / server programs (ssh and sshd). These use a public/private key pair.
Enabling Programs
On the machine you wish to login to, ensure that the SSH server (sshd) is installed.
Enable it is the Mandriva Control Centre (system / Enable Services)
- Tick 'on boot'
- Press 'Start'
Configure the firewall to enable the server to be accessed (security/Personal Firewall):
- Ensure either ssh or all is ticked
Creating your Public / Private Keys for SSH
The machine infront of you is the SSH client. You need to create a public/private key pair for use in ssh sessions. You only need to do this once on the client machine.
From the machine infront of you, create a public/private keyset:
[steve@crunchie ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/steve/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/steve/.ssh/id_rsa.
Your public key has been saved in /home/steve/.ssh/id_rsa.pub.
The key fingerprint is:
3b:4d:5e:21:ee:65:e3:dc:22:21:33:fd:ed:53:d8:fd steve@crunchie
The key's randomart image is:
+--[ RSA 2048]----+
| |
| 2 o. |
| X. ==o= |
| . |
| + o o S |
| *.o |
| X. |
|. - |
| ...oo. |
+-----------------+
Transferring your Public Key to the SSH server
Now, transfer your public key to the machine you want to log into, and set the correct directory permissions:
[steve@crunchie ~]$ cat ~/.ssh/id_rsa.pub | ssh steve@flake 'cat >> .ssh/authorized_keys'That's it - you can now open shells up on the target machine without entering a password.
steve@flake's password: *****
[steve@crunchie ~]$ ssh steve@flake 'chmod go-w . ; chmod 700 .ssh ; chmod 640 .ssh/authorized_keys'
steve@flake's password: *****
[steve@crunchie ~]$ ssh flakeSetting up X for Remote Access
The machine infront of you is the X server (the server actually draws the windows). Now that you have configured ssh, you won't be prompted for any passwords.
For me, the client machine (the machine on which the applications are started) is called flake:
xauth extract \- $DISPLAY | ssh flake xauth merge \-Running an Application
this is as simple as sshing into the other machine, and running the application:
ssh flake geditNow for the minor complication - when your program exits, the X session remains connected for a period of time, and until the X session closes, ssh will not exit - you have to control-C it.
If you launch your programs from the remote X client / ssh server and re-direct stdin and stdout, this will not happen, e.g.:
[steve@crunchie ~]$ ssh flakeYou can also launch your programs from the X server / ssh client and re-direct stdin and stdout.
[steve@flake ~]$ gedit < /dev/null >& /dev/null &
[steve@flake ~]$ logout
I've created a script called 'flake' which I have put in ~/bin on crunchie, my local X server, which is in the path. It closes stdin/out/err and connects to my X client machine (flake) and runs the requested command line program:
#!/bin/shConfiguring the Menu
exec 0<&- # close stdin
exec 1>&- # close stdout
exec 2>&- # close stderr
ssh flake $* &
You can now create a menu entry, to launch all of the programs on the remote machine, but display the windows here. Select System / Preferences / Main Menu, and create new entries, for example:
If you want to have a terminal to connect to a server, added to the menu, the best way to do this is to run the gnome-terminal locally and connect to the remote server:
The command should be:
gnome-terminal -e "ssh remotemachinename"You could also use an IP address instead of the machine name.
If the remote machine is a Madriva one, it is likely that it contains appropriate environment variables, containing escape sequences which cause the window title to be dynamically changed.
If it is not, you can add something to the start-up script to set the prompt to include the appropriate escape sequences. This is the /etc/profile script on a Freecom FSG3, which uses 'sh' from busybox:
Now, when you login using the new menu entry, the title bar of the window dynamically updates:
# Set prompt
PS1="[\u@\h \W]\\$ "
export PS1
# Set window title
case $TERM in
xterm*)
PS1="\033]0;\u@\h: \w\007[\u@\h \W]\\$ "
;;
*)
;;
esac
No comments:
Post a Comment