Podrška #11812
Zatvoren
monit.bring.out.ba: paswordless kontrola router-sa dualco, pristup bez password-a
0%
Opis
monit.bring.out.ba: kontrola router-sa dualco, pristup bez password-a
ref. trac ticket: http://trac.sigma-com.net/sa-ScInfrastructure/ticket/724
Izmjenjeno od Ernad Husremović prije skoro 19 godina
na računaru sa kojeg želim prići routeru-u
hernad@mraka-1:~$ ssh-keygen -t rsa
tada dobijem id_rsa i id_rsa.pub
hernad@mraka-1:~$ cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA4Eow5aCZgIBh46Vi6Mw73gPn/eln/5tECwHSfL42SxZfBqlsf0FQgLxwQK/jzBCykqjfALOkopy+7uHI3zuS6FByh9SWZqhrEsSaNSO+7dk0PMW8OrczFIOxmAShV6hMkn2ZVJ5f+iBtZuKhhaByYdKbtwhB6TEORhqX3vf1CqLsVil8waaz4+i9q3CFUsUu4pWlA1k3H7gxaKbiIBwqIGA59Vu4IRHpQlIYLhXNqddJV5hHCuHPCbursOfqr2gBlK4JxjWv/98YeWQOyLY1pxFW2OTvbqWD42IVwtgCTsfN7wZ89UWIrXtFvremJLOFMhIFv+qyWqyV+x20jMAdyQ== hernad@mraka-1
ovaj pub stavim u
u /etc/dropbear/known_hosts
a onda u init skripti stavim se authorized_keys kopira u ~/.ssh/known_hosts
hernad@mraka-1:~$ ssh root@router-sa cat /etc/init.d/*custom*
#!/bin/sh mkdir /tmp/.ssh/ cp /etc/known_hosts /tmp/.ssh/known_hosts cp /etc/dropbear/authorized_keys /tmp/.ssh/authorized_keys <<<<<<<<<<<<<<<<<<<<<<<<<<< shfsmount -c "ssh -i /etc/dropbear_archive %u@%h /bin/bash" root@archive.sigma-com.net:/data /mnt/nas-1 sleep 2 /etc/init.d/tftpd-hpa start /usr/sbin/wl txpwr 75 /usr/sbin/wl frameburst 1 rm -f /etc/mtab ln -s /proc/mounts /etc/mtab openvpn --config /etc/openvpn/server.conf& hernad@mraka-1:~$ ssh root@router-sa cat /etc/init.d/*custom*
Izmjenjeno od Ernad Husremović prije skoro 19 godina
and voila ... sada router-u sa mraka-1 mogu prići bez kucanja lozinke ... a što je još bitnije mogu putem ssh remotely zadavati proizvoljne komande router-u što je moj glavni cilj
tako ova stvar fercera:
hernad@mraka-1:~$ ssh root@router-sa reboot
Connection to router-sa closed by remote host.
Izmjenjeno od Ernad Husremović prije skoro 19 godina
root@monitor:~/ruby# ssh-keygen -t rsa
Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 43:81:07:a7:a8:2c:ad:b2:0d:95:8b:16:6d:50:0a:14 root@monitor.bring.out.ba root@monitor:~/ruby# vi /root/.ssh/id_rsa.pub
Izmjenjeno od Ernad Husremović prije skoro 19 godina
monit kontroliše router-sa, dualco-705.bring.out.ba
Izmjenjeno od Ernad Husremović prije oko 18 godina
- Naslov promijenjeno iz monit.bring.out.ba: kontrola router-sa dualco, pristup bez password-a u monit.bring.out.ba: paswordless kontrola router-sa dualco, pristup bez password-a
- Status promijenjeno iz Novo u Zatvoreno