top of page
Search
  • Writer's pictureergemp
    • Jan 26, 2021
    • 2 min read

SSH user equivalency

This is yet another post about the password-less login through ssh in linux.


Why do we need it? Because;

  • Especially in cluster systems, more than one host are running as one, nodes needs to communicate with each other frequently.

  • More than one host communicates each other for any reason. Foe example postgresql replications.

To enable ssh logins without password in a secure way is as follows;


Login to the user which will be able to login without password.

First we are going to create a public key.

Then, share the public key across nodes.


# on node 1
su - postgres
ssh-keygen -t rsa 

cd .ssh 
cat id_rsa.pub >> authorized_keys

# on node 2
su - postgres
ssh-keygen -t rsa 

cd .ssh
cat id_rsa.pub >> authorized_keys

# append the contents of the id_rsa.pub file on node 1 to the file ~/.ssh/authorized_keys file on node 2


# do the same the other way around, append the contents of id_rsa.pub file on node 2 to the file ~/.ssh/authorized_keys file on node 1


Now you should be able to open an ssh connection without password as follows


-bash-4.2$ hostname
pg12-01
-bash-4.2$ ssh pg12-02
Last login: Mon Jan 25 19:39:00 2021 from pg12-02
-bash-4.2$ hostname
pg12-02
-bash-4.2$ exit
logout
Connection to pg12-02 closed.
-bash-4.2$ hostname

Or even, run a command on the other node. 

-bash-4.2$ ssh pg12-02 hostname;date
pg12-02
Mon Jan 25 19:43:21 +03 2021
-bash-4.2$

privileges on the .ssh folder and the contents are important, or else your setup may note work. 

-bash-4.2$ ls -la
total 28
drwx------.  4 postgres postgres    91 Oct 23 04:40 .
drwxr-xr-x. 24 root     root      4096 Oct 22 15:25 ..
drwx------.  6 postgres postgres    84 Oct 23 04:14 12
-rw-------.  1 postgres postgres 13669 Jan 25 19:39 .bash_history
-rwx------.  1 postgres postgres   296 Oct 22 16:07 .bash_profile
-rw-------.  1 postgres postgres  2547 Jan 25 19:00 .psql_history
drwx------.  2 postgres postgres    80 Jan 25 15:40 .ssh
-bash-4.2$ 

-bash-4.2$ ls -l .ssh
total 16
-rw-r--r--. 1 postgres postgres  796 Jan 25 15:39 authorized_keys
-rw-------. 1 postgres postgres 1675 Jan 25 15:31 id_rsa
-rw-r--r--. 1 postgres postgres  398 Jan 25 15:31 id_rsa.pub
-rw-r--r--. 1 postgres postgres  722 Jan 25 19:38 known_hosts
-bash-4.2$ ls -l

Tags:

6 views0 comments

Recent Posts

See All

Logical Replication

Main difference of Logical replication in Postgresql is the ability to replicate some tables, instead of replicating the entire database....

0 comments

Comments

bottom of page