I am trying to accomplish passwordless ssh-ing from root. To be clear, I want to log in from the local machine as root to a /home/user folder on the remote. I have established the connection between user@local and user@remote, but can't figure out how to allow root to connect.

knl

1 Answer

First of all, known_hosts is not the file that you want to copy. That is just a list of all the systems that have been connected to, to check if the system might have changed or a man-in-the-middle attack is being attempted.

For passwordless connections, you need an id_rsa file in the .ssh folder. You can copy the file and make sure it has the correct permissions: 600 for the file.

Or better, create a new key for root to use. Sudo up to root, create the key and then copy the id_rsa.pub contents to the authorized_keys on the remote system. There are steps in the link below.

ssh-keygen -t rsa

ssh - without password

Or create your key as root, then use the ssh-copy-id command; it will add the files where they need to be: ssh-copy-id user@hostname.example.com

grag42
  • I did create a new key under root and copied it to remote, but the script calling ssh to the remote asks for the passphrase each iteration. How do I avoid this? Just skip the passphrase on the root keyset? – knl Jun 09 '15 at 23:21
  • Yes, you can skip the passphrase part. – grag42 Jun 09 '15 at 23:22
  • Is the passphrase a 'paranoid' level of security? I don't want to skimp on useful levels of security. – knl Jun 09 '15 at 23:24
  • It is not really a paranoid level of security, as you just replaced your password with a txt file that, if someone gets access on the system, they can then use to access all other systems. With ssh-add and ssh-agent, you can use the passphrase to unlock the authentication keys so not everyone can use them, but you will only have to enter it one time. – grag42 Jun 09 '15 at 23:27
  • https://help.github.com/articles/working-with-ssh-key-passphrases/ – grag42 Jun 09 '15 at 23:28
  • So how do I enter my passphrase the one time if it's an autostart root login? – knl Jun 10 '15 at 00:57
  • That I am unsure of how to do, except in plain text format. Normally you should never run as root unless absolutely necessary. Why not create a user with appropriate permissions on both systems and use that user instead of root? – grag42 Jun 10 '15 at 03:36
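
A pre-flight check for the key discussed in the answer and comments, as an added example that is not part of the original posts: it verifies the private key's permissions (600, as the answer says) and reports whether the key is stored without a passphrase. The function names and the status words it prints are assumptions of this example, and it assumes the file it is given is an OpenSSH private key.

```shell
#!/bin/sh
# Added example: audit a private key before an unattended root script uses it.
# The status words printed by audit_key are this example's own convention.

mode_of() {
    # Octal permission bits: GNU stat first, BSD/macOS stat as fallback.
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

perms_ok() {
    # ssh refuses a private key that group or others can access, so the
    # last two octal digits must be 0 (600 as in the answer; 400 also passes).
    case "$(mode_of "$1")" in
        ?00) return 0 ;;
        *)   return 1 ;;
    esac
}

has_passphrase() {
    # ssh-keygen -y re-derives the public key; with -P '' it only succeeds
    # when the private key is stored unencrypted. Assumes $1 is a real key.
    if ssh-keygen -y -P '' -f "$1" >/dev/null 2>&1; then
        return 1
    fi
    return 0
}

audit_key() {
    key=$1
    if [ ! -f "$key" ]; then
        echo "missing"; return 2
    fi
    if ! perms_ok "$key"; then
        echo "bad-perms:$(mode_of "$key")"; return 1
    fi
    if has_passphrase "$key"; then
        echo "passphrase-protected"; return 0
    fi
    # Usable unattended, but anyone who can read the file can use the key.
    echo "no-passphrase"; return 0
}

# Run against a key path when one is given, e.g. /root/.ssh/id_rsa
if [ "$#" -gt 0 ]; then
    audit_key "$1"
fi
```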