Monday, November 29, 2021

SSH setup on an Ubuntu-based two-node master-slave network



sshd (the OpenSSH daemon) is the server program that ssh clients connect to. It is a free and open source SSH server. ssh replaces the insecure rlogin and rsh, and provides secure encrypted communications between two untrusted hosts over an insecure network such as the Internet. Ubuntu Desktop and minimal Ubuntu server do not come with sshd installed.

1. $ sudo apt-get install openssh-server
2. $ sudo apt-get install openssh-client

Run both commands on each of the two machines.

Machine 1: master

    master@master-VirtualBox:~$ hostname
    master-VirtualBox
    master@master-VirtualBox:~$ uname
    Linux
    master@master-VirtualBox:~$ uname -a
    Linux master-VirtualBox 5.13.0-21-generic #21-Ubuntu SMP Tue Oct 19 08:59:28 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
    master@master-VirtualBox:~$ cat /etc/hosts
    192.168.100.5 slave-VirtualBox
    192.168.100.4 master-VirtualBox
    master@master-VirtualBox:~$ ifconfig
    enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
            inet 192.168.100.4 netmask 255.255.255.0 broadcast 192.168.100.255
            inet6 fe80::9c46:b732:6918:fb34 prefixlen 64 scopeid 0x20<link>
            ether 08:00:27:ab:ba:4d txqueuelen 1000 (Ethernet)
            RX packets 5452 bytes 4579765 (4.5 MB)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 4973 bytes 1580656 (1.5 MB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
            inet 127.0.0.1 netmask 255.0.0.0
            inet6 ::1 prefixlen 128 scopeid 0x10<host>
            loop txqueuelen 1000 (Local Loopback)
            RX packets 821 bytes 95012 (95.0 KB)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 821 bytes 95012 (95.0 KB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
    master@master-VirtualBox:~$ whoami
    master

Machine 2: slave

    slave@slave-VirtualBox:~$ hostname
    slave-VirtualBox
    slave@slave-VirtualBox:~$ uname
    Linux
    slave@slave-VirtualBox:~$ uname -a
    Linux slave-VirtualBox 5.13.0-21-generic #21-Ubuntu SMP Tue Oct 19 08:59:28 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
    slave@slave-VirtualBox:~$ cat /etc/hosts
    192.168.100.4 master-VirtualBox
    192.168.100.5 slave-VirtualBox
    slave@slave-VirtualBox:~$ ifconfig
    enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
            inet 192.168.100.5 netmask 255.255.255.0 broadcast 192.168.100.255
            inet6 fe80::ce9b:aad2:bc20:943a prefixlen 64 scopeid 0x20<link>
            ether 08:00:27:3d:96:40 txqueuelen 1000 (Ethernet)
            RX packets 1627 bytes 1564019 (1.5 MB)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 1116 bytes 124674 (124.6 KB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
            inet 127.0.0.1 netmask 255.0.0.0
            inet6 ::1 prefixlen 128 scopeid 0x10<host>
            loop txqueuelen 1000 (Local Loopback)
            RX packets 234 bytes 21826 (21.8 KB)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 234 bytes 21826 (21.8 KB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
    slave@slave-VirtualBox:~$ whoami
    slave
    slave@slave-VirtualBox:~$ cat /etc/hostname
    slave-VirtualBox
    slave@slave-VirtualBox:~$

Checking Connectivity Between Two Machines

Pinging Slave From Master

    master@master-VirtualBox:~$ ping -c 3 192.168.100.5
    PING 192.168.100.5 (192.168.100.5) 56(84) bytes of data.
    64 bytes from 192.168.100.5: icmp_seq=1 ttl=64 time=0.482 ms
    64 bytes from 192.168.100.5: icmp_seq=2 ttl=64 time=0.614 ms
    64 bytes from 192.168.100.5: icmp_seq=3 ttl=64 time=0.542 ms
    --- 192.168.100.5 ping statistics ---
    3 packets transmitted, 3 received, 0% packet loss, time 2034ms
    rtt min/avg/max/mdev = 0.482/0.546/0.614/0.053 ms

Pinging Master From Slave

    slave@slave-VirtualBox:~$ ping -c 4 192.168.100.4
    PING 192.168.100.4 (192.168.100.4) 56(84) bytes of data.
    64 bytes from 192.168.100.4: icmp_seq=1 ttl=64 time=0.550 ms
    64 bytes from 192.168.100.4: icmp_seq=2 ttl=64 time=0.634 ms
    64 bytes from 192.168.100.4: icmp_seq=3 ttl=64 time=0.716 ms
    64 bytes from 192.168.100.4: icmp_seq=4 ttl=64 time=0.544 ms
    --- 192.168.100.4 ping statistics ---
    4 packets transmitted, 4 received, 0% packet loss, time 3070ms
    rtt min/avg/max/mdev = 0.544/0.611/0.716/0.070 ms
    slave@slave-VirtualBox:~$

SSH Setup On Slave

    slave@slave-VirtualBox:~$ sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT
    [sudo] password for slave:
    slave@slave-VirtualBox:~$ ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ""
    Generating public/private rsa key pair.
    Created directory '/home/slave/.ssh'.
    Your identification has been saved in /home/slave/.ssh/id_rsa
    Your public key has been saved in /home/slave/.ssh/id_rsa.pub
    The key fingerprint is:
    SHA256:/yxMvEOLDQqL71s0afvlnDF5T9liMihniSinzXQmxH0 slave@slave-VirtualBox
    The key's randomart image is:
    +---[RSA 3072]----+
    | |
    | |
    | |
    | . o |
    | B S.E |
    | .+ +.+++ o |
    | ..oB.=B@o+ = .|
    | . .O.=.BBB * . |
    | o=.o . +oo . |
    +----[SHA256]-----+
    slave@slave-VirtualBox:~$ ls ~/.ssh/
    id_rsa id_rsa.pub

SSH Setup On Master

    master@master-VirtualBox:~/Desktop$ sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT
    [sudo] password for master:
    master@master-VirtualBox:~/Desktop$
    master@master-VirtualBox:~/Desktop$ sudo ufw allow ssh
    [sudo] password for master:
    Rules updated
    Rules updated (v6)
    master@master-VirtualBox:~/Desktop$
    master@master-VirtualBox:~/Desktop$ ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ""
    Generating public/private rsa key pair.
    Your identification has been saved in /home/master/.ssh/id_rsa
    Your public key has been saved in /home/master/.ssh/id_rsa.pub
    The key fingerprint is:
    SHA256:XJE706Wgy1CVQYvkG9ImPpPU61+BvTIFJL/XzcbIQxk master@master-VirtualBox
    The key's randomart image is:
    +---[RSA 3072]----+
    | oo*+ E |
    | =.=+o .o |
    | +.B.=+ oo |
    | o.*.=+=o+ = |
    | =oS.oo= = =|
    | +o o o o |
    | . o o |
    | . + |
    | . |
    +----[SHA256]-----+
    master@master-VirtualBox:~/Desktop$
    master@master-VirtualBox:~/Desktop$ ssh-copy-id -i ~/.ssh/id_rsa.pub slave@192.168.100.5
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/master/.ssh/id_rsa.pub"
    The authenticity of host '192.168.100.5 (192.168.100.5)' can't be established.
    ECDSA key fingerprint is SHA256:fJ4WXjotryiK6Log/u8tHtwNiTpc16q/hcYPMeX0m3w.
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    slave@192.168.100.5's password:
    Number of key(s) added: 1
    Now try logging into the machine, with: "ssh 'slave@192.168.100.5'"
    and check to make sure that only the key(s) you wanted were added.
    master@master-VirtualBox:~/Desktop$ ssh slave@192.168.100.5
    Welcome to Ubuntu 21.10 (GNU/Linux 5.13.0-21-generic x86_64)
     * Documentation: https://help.ubuntu.com
     * Management: https://landscape.canonical.com
     * Support: https://ubuntu.com/advantage
    37 updates can be applied immediately.
    To see these additional updates run: apt list --upgradable
    slave@slave-VirtualBox:~$ exit
    logout
    Connection to 192.168.100.5 closed.
    master@master-VirtualBox:~/Desktop$

Connecting with Master from Slave machine

    slave@slave-VirtualBox:~$ ssh-copy-id -i ~/.ssh/id_rsa.pub master@192.168.100.4
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/slave/.ssh/id_rsa.pub"
    The authenticity of host '192.168.100.4 (192.168.100.4)' can't be established.
    ECDSA key fingerprint is SHA256:x1sg2YzMK+8ITBSoH/7m1mc1gUOHmfazPd6DsGuL2kk.
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    master@192.168.100.4's password:
    Number of key(s) added: 1
    Now try logging into the machine, with: "ssh 'master@192.168.100.4'"
    and check to make sure that only the key(s) you wanted were added.
    slave@slave-VirtualBox:~$ ssh master@192.168.100.4
    Welcome to Ubuntu 21.10 (GNU/Linux 5.13.0-21-generic x86_64)
     * Documentation: https://help.ubuntu.com
     * Management: https://landscape.canonical.com
     * Support: https://ubuntu.com/advantage
    0 updates can be applied immediately.
    master@master-VirtualBox:~$ exit
    logout
    Connection to 192.168.100.4 closed.
    slave@slave-VirtualBox:~$
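
Both ssh-copy-id runs above answer "yes" to the host-key prompt without checking the fingerprint it displays. The script below is an added example, not part of the original post: it records the peer's key in known_hosts only when its fingerprint equals one read on the peer's own console. The function names fp_matches and pin_host are illustrative.

```shell
#!/bin/sh
# Added example (not from the original post). fp_matches and pin_host are
# illustrative names. The trusted fingerprint is read on the peer's console:
#   ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub

# Succeed only if LINE, one line of `ssh-keygen -l` output in the form
# "<bits> SHA256:<base64> <comment> (<TYPE>)", carries the TRUSTED fingerprint.
fp_matches() {
    trusted=$1
    line=$2
    case $trusted in
        SHA256:?*) ;;
        *) return 2 ;;              # refuse empty or malformed trusted values
    esac
    offered=$(printf '%s\n' "$line" | awk 'NR == 1 { print $2 }')
    [ "$offered" = "$trusted" ]
}

# Fetch HOST's ECDSA host key and append it to known_hosts only when its
# fingerprint equals TRUSTED; a mismatch leaves known_hosts untouched.
pin_host() {
    host=$1
    trusted=$2
    known=${3:-$HOME/.ssh/known_hosts}
    tmp=$(mktemp) || return 1
    ssh-keyscan -t ecdsa "$host" > "$tmp" 2>/dev/null
    line=$(ssh-keygen -lf "$tmp" 2>/dev/null)
    if fp_matches "$trusted" "$line"; then
        cat "$tmp" >> "$known"
        rc=0
    else
        echo "host key for $host does not match: ${line:-no key received}" >&2
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Usage: sh pin-host.sh 192.168.100.5 'SHA256:<fingerprint from the console>'
if [ "$#" -ge 2 ]; then pin_host "$@"; fi
```

At the interactive prompt, pasting the trusted fingerprint instead of typing "yes" makes ssh perform the same comparison.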

Errors You Might Encounter On Slave If Above Steps Are Not Followed Properly:

    slave@slave-VirtualBox:~$ ssh-copy-id -i ~/.ssh/id_rsa.pub master@master
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/slave/.ssh/id_rsa.pub"
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname master: Temporary failure in name resolution
    slave@slave-VirtualBox:~$ ssh-copy-id -i ~/.ssh/id_rsa.pub master@master-VirtualBox
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/slave/.ssh/id_rsa.pub"
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname master-virtualbox: Temporary failure in name resolution
    slave@slave-VirtualBox:~$ ssh-copy-id -i ~/.ssh/id_rsa.pub master@192.168.100.4
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/slave/.ssh/id_rsa.pub"
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: ERROR: ssh: connect to host 192.168.100.4 port 22: Connection refused
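
The two failures above have different causes: a name that /etc/hosts does not map, and a target with nothing listening on port 22. The helper below is an added example, not part of the original post, that checks each one; the function names and the labels it prints are illustrative.

```shell
#!/bin/sh
# Added example (not from the original post); function names and the
# printed labels are illustrative.

# Print the address a hosts-format file maps NAME to. Matching is
# case-insensitive, as host name lookups are; comments are ignored.
hosts_lookup() {
    awk -v want="$1" '
        { sub(/#.*/, "") }
        { for (i = 2; i <= NF; i++)
              if (tolower($i) == tolower(want)) { print $1; found = 1; exit } }
        END { exit !found }' "${2:-/etc/hosts}"
}

# Read `ss -tln` output on stdin; succeed if a TCP listener is bound to PORT.
# Run it on the machine that refused the connection: ss -tln | listens_on 22
listens_on() {
    awk -v port="$1" '
        $1 == "LISTEN" && $4 ~ (":" port "$") { found = 1 }
        END { exit !found }'
}

# Turn one ssh / ssh-copy-id error line into the likely cause.
diagnose() {
    msg=$1
    hosts=${2:-/etc/hosts}
    case $msg in
    *"Could not resolve hostname "*)
        name=${msg#*"Could not resolve hostname "}
        name=${name%%:*}
        if addr=$(hosts_lookup "$name" "$hosts"); then
            echo "name-ok: $name -> $addr in $hosts"
        else
            echo "no-hosts-entry: add '<ip> $name' to $hosts or use the IP"
        fi ;;
    *"Connection refused"*)
        echo "no-listener: install/start openssh-server on the target, then check 'ss -tln' for :22" ;;
    *)  echo "unrecognised" ;;
    esac
}

# Usage: sh diagnose.sh 'ssh: Could not resolve hostname master: ...'
if [ "$#" -ge 1 ]; then diagnose "$1"; fi
```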
