- Prerequisite – This post assumes that
- the EC2 servers already exist
- the topic relates to SSHD/SSH and key concepts
- Conditions – It is assumed that
- There are two EC2 servers
- The account on each server is the default account, "ec2-user"
- The URLs of the servers are ec1.compute.amazonaws.com and ec2.compute.amazonaws.com
- The default pem files provided by AWS to access each server via SSH are ec1.pem and ec2.pem
- Each pem file has been uploaded to the home directory (~/) of ec2-user on its own server, by SFTP or another method
- Setting Procedure
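- Log into the ec1 server as ec2-user using ssh
- Copy ec1.pem into the .ssh folder as the id_dsa private key, and copy .ssh/authorized_keys to the home directory as ec1.pub, then check that both files exist.

```shell
cd ~/
# Use the AWS-provided key as this account's default private key
cp ec1.pem ./.ssh/id_dsa
# Save the matching public key, already registered by AWS, as ec1.pub
cp ./.ssh/authorized_keys ./ec1.pub
```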
- Do the same on the ec2 server (using ec2.pem and ec2.pub)
- Copy ec1.pub to ec2-user's home directory on ec2.compute.amazonaws.com, and ec2.pub to ec2-user's home directory on ec1.compute.amazonaws.com.
- On the ec1 server, run the command below in the shell to register the ec2.pub in ec2-user's home directory in ec1's public key store. On the ec2 server, register ec1.pub in the ec2 server's public key store in the same way.

```shell
# On ec1:
cat ~/ec2.pub >> ~/.ssh/authorized_keys
# On ec2:
cat ~/ec1.pub >> ~/.ssh/authorized_keys
```
- Open the ssh_config file and add the StrictHostKeyChecking setting at the end of the file, so that ssh skips the manual confirmation it otherwise asks for before adding a host to known_hosts when accessing servers through SSH.

```shell
sudo vim /etc/ssh/ssh_config
```

* Part of the configuration file

```
# Send locale-related environment variables
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
SendEnv XMODIFIERS
# Don't show actual hostnames in .ssh/known_hosts
HashKnownHosts yes
StrictHostKeyChecking no
```
- Test SSH access from each of the ec1 and ec2 servers

```shell
# On ec1:
ssh ec2-user@ec2.compute.amazonaws.com
# On ec2:
ssh ec2-user@ec1.compute.amazonaws.com
```

* If you can log in, the setup was successful.
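
The `cat >> authorized_keys` step and the `StrictHostKeyChecking` edit above, as an added example that is not part of the original post: a repeatable version of the key registration that does not duplicate or fuse key lines, plus a check that reports which host-key policy a config file sets. The function names `install_peer_key` and `host_key_policy` are hypothetical, and the keys in the demo are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical
# and the keys in the demo are constructed placeholders.

# install_peer_key PUBFILE SSH_DIR
# Idempotent form of `cat PUBFILE >> SSH_DIR/authorized_keys`: appends each
# key line only if it is not already present, and sets modes that pass sshd's
# StrictModes check (700 on the directory, 600 on the file).
install_peer_key() {
    pub=$1; dir=$2; auth=$dir/authorized_keys
    [ -s "$pub" ] || { echo "missing or empty: $pub" >&2; return 1; }
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # If the file does not end in a newline, add one so two keys are not
    # fused onto a single (unusable) line.
    if [ -n "$(tail -c 1 "$auth")" ]; then echo >> "$auth"; fi
    # `|| [ -n "$key" ]` keeps a final line that has no trailing newline.
    while IFS= read -r key || [ -n "$key" ]; do
        [ -n "$key" ] || continue
        grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
    done < "$pub"
}

# host_key_policy CONFIG
# Prints the first StrictHostKeyChecking value found in CONFIG, or "ask"
# (the OpenSSH default) if none is set. Simplification: Host/Match scoping
# is ignored, so the value is reported whichever block it sits in.
# "no" means ssh adds unknown host keys to known_hosts without asking.
host_key_policy() {
    awk '{ sub(/^[ \t]+/, ""); gsub(/=/, " ") }
         tolower($1) == "stricthostkeychecking" { print tolower($2); f = 1; exit }
         END { if (!f) print "ask" }' "$1"
}

# Demo on constructed data in a temporary directory.
demo=$(mktemp -d)
printf 'ssh-rsa AAAA-CONSTRUCTED-KEY-EC2 ec2-user@ec2' > "$demo/ec2.pub"
install_peer_key "$demo/ec2.pub" "$demo/.ssh"
install_peer_key "$demo/ec2.pub" "$demo/.ssh"   # second run adds nothing
printf 'HashKnownHosts yes\nStrictHostKeyChecking no\n' > "$demo/ssh_config"
echo "key lines: $(grep -c . "$demo/.ssh/authorized_keys")"
echo "host key policy: $(host_key_policy "$demo/ssh_config")"
```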