KBI 312187 How to Configure Password-less SSH Logon For Linux/UNIX Monitoring
Version
Argent Omega 2.2A-2404-A and later
Date
Wednesday, 26 June 2024
Summary
Password-less SSH logon is considered more secure than typical user/password logon.
It is very common for Linux/UNIX administrators. It is accomplished by implementing public key authentication between Linux/UNIX hosts.
Argent Omega implements public key authentication as well.
It makes use of PuttyGen.exe, which is part of Putty package (https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html), to generate private/public key pair for authentication.
Take following steps:
- Start PuttyGen.exe, select key type ‘RSA’, then click button ‘Generate’ to generate key pair.
Note: Private/public keys currently used by Linux/UNIX environment can be re-used here. By doing so, it would be no need to update authorized_keys file on each host.
To re-use the existing private key, copy the key file from Linux/UNIX host, the use button ‘Load’ to import. - Leave key passphrase empty, click button ‘Save Private Key’ to save private key as a PPK file.
- Logon to Linux/UNIX host, append public key to file ~/.ssh/authorized_keys.
- Add Linux/UNIX host to CMDB-X.
- Configure CMDB-X node properties to use SSH and PPK with appropriate logon account.
Note: Password is empty in Authentication and Logon User is the account that has the updated authorized_keys file.
- Run connectivity test to make sure that logon is successful.
Technical Background
N/A
Resolution
Upgrade to Argent Omega 2.2A-2404-B or later