How can I log in to or between Linux servers more securely than using a password?
This includes logging in between multiple control servers, between control servers and hypervisors, and even into virtual machines, without the need for a password that can be hacked.
An RSA key is a very secure method of logging in to a server without a password, while still preventing unauthorized users from accessing the same server.
For cloud security we recommend using SSH keys to access clouds instead of passwords.
To generate an SSH key, first SSH into the server, logged in as the user you want to make the key for (in most cases root), and run:
ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.pub2.
Your public key has been saved in /root/.ssh/id_rsa.pub2.pub.
The key fingerprint is:
The key's randomart image is:
+--[ RSA 2048]----+
| . |
| . * . |
| = o S * |
| . B + + + |
| o = + = . |
| + . + o |
| . E |
From there, to add the key to a new server (again, make sure you're still logged in as the user you want to have access):
ssh-copy-id -i /home/<USER>/.ssh/id_rsa.pub root@<NEW SERVER IP>
This will prompt for the password of the second cloud you are adding the key to. Once the key is added, you can use the key instead of the password.
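Where ssh-copy-id is not available, or the key is still refused after copying, the same result can be produced by hand on the new server. The following is an added example, not part of the original article: install_pubkey and count_keys are hypothetical helper names, and it assumes you already have the .pub file on the target. It appends the key only once and sets the permissions that sshd's StrictModes check requires.

```shell
#!/bin/sh
# Added example: what ends up on the target account after the key is copied.
# install_pubkey and count_keys are hypothetical helper names.
# Usage on the new server, as the account that should accept the key:
#   install_pubkey /path/to/id_rsa.pub "$HOME"

# install_pubkey <public-key-file> <home-directory>
install_pubkey() {
    pub=$1
    home=$2
    dir=$home/.ssh
    auth=$dir/authorized_keys

    # Refuse anything that is not a public key; this stops a private key
    # file from being placed in authorized_keys by mistake.
    if [ ! -r "$pub" ] || grep -q 'PRIVATE KEY' "$pub"; then
        echo "not a public key file: $pub" >&2
        return 1
    fi
    key=$(head -n 1 "$pub")
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "unrecognised key type in $pub" >&2; return 1 ;;
    esac

    # Create the directory and file without group/other access from the start.
    (umask 077; mkdir -p "$dir" && touch "$auth") || return 1
    # Add the key only if that exact line is not already present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
    # sshd ignores the file if it or ~/.ssh is writable by group or others.
    chmod 700 "$dir" && chmod 600 "$auth"
}

# Number of keys currently authorised for the account in <home-directory>.
count_keys() {
    grep -c '^[a-z]' "$1/.ssh/authorized_keys"
}
```

Reviewing count_keys output after each change is a quick way to notice keys in authorized_keys that nobody remembers adding.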