2 Replies Latest reply on Mar 2, 2011 3:00 AM by resistanceIsFruitful

    Will this destroy our passwordless SSH setup?

      OS version: Solaris 5.10

      We have a 2 node Production RAC environment on Machines A and B . Everyday we want to move some files from A to a backup server called C. Our FTP ports are disabled due to a security policy. Only SCP will work.

      SCP doesn't work with passwords. I need to set up passwordless SSH between A and C. So, I need to create a new authorized_keys file in C? What should i do in Machine A side? It already has a file called
      file which contains 'keys' from nodes A and B. Should i create a new authorized_keys file with a different file name like
      in both machines (A and C) ?
        • 1. Re: Will this destroy our passwordless SSH setup?
          No need to wipe the existing configuration - simply append the public key from node A to the authorized keys file on node C. You should already have an id_rsa.pub on the A node in the user's .ssh directory. Just copy that to node C, and append the contents to the authorized_keys on node C for the user you're connecting as (don't replace the contents). Just be sure that you use the existing key and do NOT re-generate keys using ssh-keygen, as that will wipe out your existing keys and break the ssh between Node A and Node B.

          That assumes the user will be the same across servers - if it's not (i.e., using "oracle" on node A and "backupguy" on node C), then you'll just need to put oracle's id_rsa.pub file from node A in the authorized_keys of backupguy on node C. In addition, with different users across nodes, you'll need to specify a user:

          scp filename backupguy@nodec:/path/to/backup/files

          Should be that simple!

          • 2. Re: Will this destroy our passwordless SSH setup?
            Thank you very much Bachelder.