The system admins team of xFusionCorp Industries has set up some scripts on jump host that run on regular intervals and perform operations on all app servers in Stratos Datacenter. To make these scripts work properly we need to make sure the thor user on jump host has password-less SSH access to all app servers through their respective sudo users (i.e tony for app server 1).
Task:
Set up a password-less authentication from user thor on jump host to all app servers through their respective sudo users.
ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/thor/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/thor/.ssh/id_rsa
Your public key has been saved in /home/thor/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:TbkmxB6srrmZpFxkgs1YBeG0u3jhqL9WfQ69gXVqWGg thor@jumphost.stratos.xfusioncorp.com
The key's randomart image is:
+---[RSA 3072]----+
| +o. |
| o o o . |
| + .= o |
| * . E+o+.. |
|o * oo.*So+ |
| + *..= *o |
|o +.o .= o |
|.o.+ = o |
|.o=.*. |
+----[SHA256]-----+
ssh-copy-id tony@172.16.238.10
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/thor/.ssh/id_rsa.pub"
The authenticity of host '172.16.238.10 (172.16.238.10)' can't be established.
ED25519 key fingerprint is SHA256:XtXhFcfc669Ysfrd1qLZnQPEFVx5wvMI8eh1Ue4dYiw.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
tony@172.16.238.10's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'tony@172.16.238.10'"
and check to make sure that only the key(s) you wanted were added.Repeat the process, using the ssh-copy-id command with the users for app 2 (steve) and app3 (banner).
