Re: using ssh-keygen to create identical keys



markryde@xxxxxxxxx wrote:
Hello,
I have 5 clients which are connected to three servers; this network is
for testing and it is not (AND WILL NOT!) be connected to the internet.
Now: because this is for testing, some machines are dual boot; also
quite frequently we install OS on these machines. These machines have
flavors of Linux, and there is also Solaris.
My question is: we do work a lot with ssh.
If on the client side you run: ssh-keygen -t rsa
it generates 2 files:
id_rsa id_rsa.pub
then if you copy id_rsa.pub to the server, renaming it to
authorized_keys2
(no need to restart the ssh daemon on the server!), then next time you
will run ssh from a client to a server then it will connect directly,
without need for a password.


Is there a way that all these clients will have the same key?
(so that on the server, a certain, common authorized_keys2 file will be
used, hopefully with only one line).
Or is there some other way to cause all the clients to be able to
connect without a password to all the servers?

As I said, there is no fear of being attacked from outside as this net
is isolated from the outer world.
Regards,
MR


Yes there is a way. You generate the keys on one machine and copy them
to all the others. I would not do it though. I think it's generally a
good practice for each person to have their own keypair.

Also do not copy the public key to authorized_keys2. That overwrites it.
Use authorized_keys (keys2 is obsolete) instead and concatenate the keys
to the file, one line per key. This is how authorized_keys is designed
to work. It holds multiple keys, not just one.
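
The append-rather-than-overwrite advice in the reply above, as an added example that is not part of the original thread. `add_authorized_key` is a hypothetical helper name (not an OpenSSH tool); it assumes it runs on the server as the target account and that the client's `.pub` file has already been copied there.

```shell
#!/bin/sh
# Added example: append a client's public key to authorized_keys, one line
# per key, without overwriting keys that are already installed.
# add_authorized_key is a hypothetical helper, not part of OpenSSH.

add_authorized_key() {
    pubkey_file=$1                   # e.g. a copy of the client's id_rsa.pub
    ssh_dir=${2:-"$HOME/.ssh"}       # .ssh directory of the account on the server
    auth_file="$ssh_dir/authorized_keys"

    [ -r "$pubkey_file" ] || { echo "cannot read $pubkey_file" >&2; return 1; }

    # sshd with StrictModes (the default) rejects keys kept in a directory
    # or file that other users can write to.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1

    # If the existing file does not end in a newline, add one so the new key
    # starts on its own line instead of being glued to the previous key.
    if [ -s "$auth_file" ] && [ -n "$(tail -c 1 "$auth_file")" ]; then
        echo >> "$auth_file"
    fi

    # A .pub file holds one line: "<type> <base64 key> <comment>".
    key_line=$(grep -v '^[[:space:]]*$' "$pubkey_file" | head -n 1)
    key_blob=$(printf '%s\n' "$key_line" | awk '{print $2}')
    [ -n "$key_blob" ] || { echo "no key found in $pubkey_file" >&2; return 1; }

    # Skip a key that is already installed (compare the key itself, since
    # the trailing comment may differ between copies).
    if grep -qF -- "$key_blob" "$auth_file"; then
        return 0
    fi

    printf '%s\n' "$key_line" >> "$auth_file"   # ">>" appends; ">" would overwrite
}
```

Run once per client key, for example `add_authorized_key /tmp/client1_id_rsa.pub` (a constructed path); each client keeps its own private key and the server file ends up with one line per client.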