Generating and Exchanging SSH Keys Between Servers

Hands-On Lab

 

Justin Mitchell

Security Training Architect II in Content

Length

01:00:00

Difficulty

Beginner

You have been tasked with finding a way to make some scripts work between servers without having to store passwords in the script files. You have discovered that one way to do this is to create a trust relationship by sharing SSH keys between the servers. In this hands-on lab, we will generate SSH keys for two servers and exchange the keys in order to establish a trust relationship between them.

Connecting to the Lab

Log In to Server1

  1. Open your terminal application, and run the following command (remember to replace <SERVER1_PUBLIC_IP> with the Server1 public IP you were provided on the lab instructions page):
    ssh cloud_user@<SERVER1_PUBLIC_IP>
  2. Type yes at the prompt.
  3. Enter your cloud_user password at the prompt.
  4. Become the root user.
    sudo su -

Log In to Client1

  1. In a new terminal window, run the following command (remember to replace <CLIENT1_PUBLIC_IP> with the Client1 public IP you were provided on the lab instructions page):
    ssh cloud_user@<CLIENT1_PUBLIC_IP>
  2. Type yes at the prompt.
  3. Enter your cloud_user password at the prompt.
  4. Become the root user.
    sudo su -

Generate a Key Pair on Client1

  1. In your Client1 terminal window, run the following command:
    ssh-keygen -t rsa
  2. Press Enter at the prompt to save the file to the default location (/home/cloud_user/.ssh/id_rsa).
  3. At the passphrase prompt, press Enter to leave the passphrase blank.
  4. Press Enter again to confirm the empty passphrase.

Authorize Client1 to Trust Itself

  1. Run the following command:
    cat /home/cloud_user/.ssh/id_rsa.pub >> /home/cloud_user/.ssh/authorized_keys
  2. Verify that the authorization was successful.
    ssh cloud_user@10.0.1.11
  3. Type yes at the prompt.

Copy the SSH Key to Server1

  1. Retrieve the hostname from Server1.
    ssh 10.0.1.10 hostname
  2. Type yes at the prompt.
  3. Enter your cloud_user password at the prompt.
  4. Copy the SSH keys to Server1 to establish trust between the two devices.
    scp -r /home/cloud_user/.ssh* 10.0.1.10:/home/cloud_user/
  5. Enter your cloud_user password at the prompt.
  6. Verify that the trust relationship has been established.
    ssh 10.0.1.10 hostname
  7. Switch to your Server1 terminal window.
  8. Run the following two commands to verify that the trust relationship has been established:
    ssh 10.0.1.11 hostname
    hostname && ssh 10.0.1.11 hostname
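
The scp step above copies the whole .ssh directory, private key included, so both hosts end up sharing one passphrase-less identity. The following added example (not part of the original lab) shows the narrower alternative for Server1: install only Client1's public key in authorized_keys, limited with the from= and restrict options. The helper name authorize_key and the sample key are constructed, and the restrict option assumes OpenSSH 7.2 or later.

```bash
#!/bin/sh
# Added example (not from the lab): authorize a client's PUBLIC key only,
# limited to one source address, rather than copying the whole ~/.ssh directory.

# authorize_key PUBKEY_FILE SSH_DIR FROM_ADDR   (hypothetical helper name)
# Idempotent: a key already present in authorized_keys is not appended again.
authorize_key() {
    local pubkey_file="$1" ssh_dir="$2" from_addr="$3"
    local auth_file="$ssh_dir/authorized_keys"
    local key_type="" key_blob="" comment=""

    # A public key line is "<type> <base64 blob> [comment]".
    read -r key_type key_blob comment < "$pubkey_file" || [ -n "$key_blob" ] || return 1
    case "$key_type" in
        ssh-rsa|ssh-ed25519|ecdsa-sha2-*) ;;
        *) echo "refusing $pubkey_file: not a public key" >&2; return 1 ;;
    esac
    [ -n "$key_blob" ] || return 1

    # With StrictModes (the sshd default), sshd ignores authorized_keys if the
    # directory or file is writable by anyone but the owner.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1

    grep -qF -- "$key_blob" "$auth_file" && return 0

    # from=   : key is accepted only from this client address
    # restrict: no PTY, no port/agent/X11 forwarding; remote commands still run
    printf 'from="%s",restrict %s %s%s\n' \
        "$from_addr" "$key_type" "$key_blob" "${comment:+ $comment}" >> "$auth_file"
}

# Demo in a scratch directory with a constructed (non-functional) key.
demo_dir=$(mktemp -d)
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructedKEY cloud_user@client1' > "$demo_dir/id_rsa.pub"
authorize_key "$demo_dir/id_rsa.pub" "$demo_dir/.ssh" 10.0.1.11
cat "$demo_dir/.ssh/authorized_keys"
rm -rf "$demo_dir"
```

With this entry in place on Server1, a non-interactive command such as ssh 10.0.1.10 hostname still works from Client1, while the private key never leaves Client1.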

Conclusion

Congratulations, you've successfully completed this hands-on lab!