SSH Key Implementation

1. Remove the existing SSH keys for the user 'staffadm' on the source server.
2. Generate a new SSH key for 'staffadm' on the source server, copy the public key to the authorized_keys file on target servers, and enable logging.
3. Test login from the source server to target servers using the new SSH keys and verify that the login activity is logged correctly.

Uploaded by karthikm07

Pre-Implementation Task:
************************
Remove the contents of /home/staffadm/.ssh/authorized_keys

Implementation Plan:
********************
On HORINNIM01 (SourceServer)
1) Create new Key file as mentioned below (as per SSH key labelling process)
Command: (as 'staffadm' user id)
/usr/bin/ksh create_ssh_key.sh
The details mentioned below will be used while creating the ID:
KeyFile name               : staffadm
Country Code               : 744
Type                       : F
URT Intermediate Code      : *RSAUNX
Company                    : IBM
Description of ID          : UNIX Automation ID
Will you use a passphrase  : NO
IP addresses to login from : 10.109.241.23
Logging to be added        : YES
This will create the files mentioned below:
Key Files   : staffadm & staffadm.pub
Logger File : sshd_cmd_logger

2) Copy the content of 'staffadm.pub' to target servers /home/staffadm/.ssh/authorized_keys
Commands:
scp /home/staffadm/.ssh/staffadm.pub <targetserver>:/home/staffadm/.ssh/
cat /home/staffadm/.ssh/staffadm.pub >> /home/staffadm/.ssh/authorized_keys
3) Enable logging as per suggested method in IBM Wiki
Copy the 'sshd_cmd_logger' file to target servers
Command:
scp /home/staffadm/.ssh/sshd_cmd_logger <targetserver>:/home/staffadm/.ssh/
With root privilege, do the following on each of your target servers
Command:
mkdir /var/log/.sh_history_staffadm
chmod 1777 /var/log/.sh_history_staffadm

Test Plan:
**********
Log in to the target server from the source server with the 'staffadm' ID using the
generated SSH keys, and check the logs that are being captured.
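
A pre-check for the test plan, added here as an example and not part of the original runbook: it audits a target server's authorized_keys before the login test. It assumes create_ssh_key.sh writes the "IP addresses to login from" and "Logging to be added" answers as OpenSSH from="..." and command="..." options on the key line; the function name audit_authkeys and the sample key lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original runbook). Assumes the key line written
# in step 2 carries OpenSSH from="..." and command="..." options.

# audit_authkeys FILE SOURCE_IP
# Prints one finding per problem and returns the number of findings.
audit_authkeys() {
    file=$1; ip=$2; findings=0; n=0
    [ -f "$file" ] || { echo "MISSING $file"; return 1; }
    # sshd's StrictModes rejects a key file that group or others can write.
    if [ -n "$(find "$file" \( -perm -020 -o -perm -002 \))" ]; then
        echo "PERMS: $file is group/world writable"
        findings=$((findings + 1))
    fi
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in ''|'#'*) continue ;; esac
        # Pull out the quoted from= list; empty when the option is absent.
        from=$(printf '%s\n' "$line" | sed -n 's/.*from="\([^"]*\)".*/\1/p')
        case ",$from," in
            *",$ip,"*) ;;
            *) echo "LINE $n: from= option missing or does not list $ip"
               findings=$((findings + 1)) ;;
        esac
        case $line in
            *'command="'*sshd_cmd_logger*) ;;
            *) echo "LINE $n: no forced command running sshd_cmd_logger"
               findings=$((findings + 1)) ;;
        esac
    done < "$file"
    return "$findings"
}

# Constructed sample: line 1 is restricted and logged, line 2 is a bare key.
sample=$(mktemp)
cat > "$sample" <<'EOF'
from="10.109.241.23",command="/home/staffadm/.ssh/sshd_cmd_logger" ssh-rsa AAAAEXAMPLE staffadm
ssh-rsa AAAAEXAMPLE2 staffadm
EOF
audit_authkeys "$sample" 10.109.241.23 || echo "findings: $?"
rm -f "$sample"
```

A return value of 0 means every key line is pinned to the source server's address and routed through the logger; any other value is the number of findings printed.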
