7000 automatic login for scripting

Creating a SSH Public/Private SSH Key Pair

On a unix box:

[geoff@lightning ~] ssh-keygen -t rsa -b 1024

Generating public/private rsa key pair.

Enter file in which to save the key (/export/home/geoff/.ssh/id_rsa): /export/home/geoff/.ssh/nas_key_rsa

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /export/home/geoff/.ssh/nas_key_rsa.

Your public key has been saved in /export/home/geoff/.ssh/nas_key_rsa.pub.

The key fingerprint is:

7f:3d:53:f0:2a:5e:8b:2d:94:2a:55:77:66:5c:9b:14 geoff@lightning

Installing the Public Key on the Appliance

On your Solaris host, observe the public key:

[geoff@lightning ~] cat .ssh/nas_key_rsa.pub 

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvYfK3RIaAYmMHBOvyhKM41NaSmcgUMC3ig

PN5gUKJQvSnYmjuWG6CBr1CkF5UcDji7v19jG3qAD5lAMFn+L0CxgRr8TNaAU+hA4/

tpAGkjm+dKYSyJgEdMIURweyyfUFXoerweR8AWW5xlovGKEWZTAfvJX9Zqvh8oMQ

5UJLUUc= geoff@lightning

Now, copy and paste everything after "ssh-rsa" and before "user@hostname" - in this case, geoff@lightning. That is, this bit:

AAAAB3NzaC1yc2EAAAABIwAAAIEAvYfK3RIaAYmMHBOvyhKM41NaSmcgUMC3ig

PN5gUKJQvSnYmjuWG6CBr1CkF5UcDji7v19jG3qAD5lAMFn+L0CxgRr8TNaAU+hA4/

tpAGkjm+dKYSyJgEdMIURweyyfUFXoerweR8AWW5xlovGKEWZTAfvJX9Zqvh8oMQ

5UJLUUc=

Logon to your appliance and get into the preferences -> keys area for this user (root):

[geoff@lightning ~] ssh root@fishy10.priv

Password:

Last login: Mon Dec  6 17:13:28 2010 from 192.168.0.2

fishy10:> configuration users

fishy10:configuration users> select root

fishy10:configuration users root> preferences 

fishy10:configuration users root preferences> keys

OR do it all in one hit:

fishy10:> configuration users select root preferences keys

Now, we create a new public key that will be accepted for this user and set the type to RSA:

fishy10:configuration users root preferences keys> create

fishy10:configuration users root preferences key (uncommitted)> set type=RSA

Set the key itself using the string copied previously (between ssh-rsa and user@host), and set the key ensuring you put double quotes around it (eg. set key="<key>"):

fishy10:configuration users root preferences key (uncommitted)> set key="AAAAB3NzaC1yc2EAAAABIwAAAIEAvYfK3RIaAYmMHBOvyhKM41NaSmcg

UMC3igPN5gUKJQvSnYmjuWG6CBr1CkF5UcDji7v19jG3qAD5lAMFn+L0CxgRr8TN

aAU+hA4/tpAGkjm+dKYSyJgEdMIURweyyfUFXoerweR8AWW5xlovGKEWZTAfvJX

9Zqvh8oMQ5UJLUUc="

Now set the comment for this key (do not use spaces):

fishy10:configuration users root preferences key (uncommitted)> set comment="LightningRSAKey"

Commit the new key:

fishy10:configuration users root preferences key (uncommitted)> commit

Verify the key is there:

fishy10:configuration users root preferences keys> ls

Keys:

NAME     MODIFIED              TYPE   COMMENT

key-000  2010-10-25 20:56:42   RSA    cycloneRSAKey

key-001  2010-12-6 17:44:53    RSA    LightningRSAKey

As you can see, we now have my new key, and a previous key I have created on this appliance.

Running your Script over SSH from a Remote System

Here I have created a basic test script, and saved it as test.ecma3:

[geoff@lightning ~] cat test.ecma3 

script

// This is a test script, By Geoff Ongley 2010.

printf("Testing script remotely over ssh\n");

.

Now, we can run this script remotely with our keyless login:

[geoff@lightning ~] ssh -i .ssh/nas_key_rsa root@fishy10 < test.ecma3

Pseudo-terminal will not be allocated because stdin is not a terminal.

Testing script remotely over ssh