Bug 164388
Summary: | explain ssh key distribution through remote commands | ||
---|---|---|---|
Product: | Red Hat Satellite 5 | Reporter: | Patrick C. F. Ernzer <pcfe> |
Component: | Docs Reference Guide | Assignee: | John Ha <jha> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Martin Minar <mminar> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | adstrong, cperry, mkoci, mminar, msuchy |
Target Milestone: | --- | Keywords: | Documentation, Reopened |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | Fixed in the 5.4.0 Release - GA'd 2010-10-27 | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-10-28 14:57:59 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 608749 |
Description
Patrick C. F. Ernzer
2005-07-27 16:10:36 UTC
Great idea. Not for RHN 400. Too late. Maybe a knowledge-base article. Not sure. rhn-uncommitted for now. Mass adding keyword 'Documentation' to all bugs I think this is definately do-able for the 420 Ref Guide. I'm afraid I ran out of time to get this one in - moving to rhn505-docs Adding 'cc ecs-dev-list for tracking Moving Bugs to John Ha and assigning. Re-prioritization meeting on June 20, 7PM EST. Removing automation notification Agh :( Sorry, ran out of time for this one. uncommitting it for sat530-docs. Maybe in an update? So, based on Frank's suggestions, I've rewritten the instructions as follows. Let me know if it is correct or needs changes. 1. Navigate to the Monitoring ⇒ Scout Config Push page on the Satellite interface and click the name of the RHN Server that will monitor the client system. The SSH id_dsa.pub key is visible on the resulting page. 2. Copy the character string (beginning with ssh-dss and ending with the hostname of the RHN Server). 3. Select the systems you want to send the key to from the Systems, then selecting Systems from the left menu, and finally clicking the checkbox next to the systems you want to send the SSH key and click the Manage button at the top. 4. From the System Set Manager, click Run remote commands, then in the Script text box, type the following line: #!/bin/sh cat <<EOF >> /opt/nocpulse/.ssh/authorized_keys Then, press Enter and then paste the SSH Key. The result should look similar to the following: #!/bin/sh cat <<EOF >> /opt/nocpulse/.ssh/authorized_keys ssh-dss AABBAB3NzaC3kc3MABCCBAJ4cmyf5jt/ihdtFbNE1YHsT0np0SYJz7xk hzoKUUWnZmOUqJ7eXoTbGEcZjZLppOZgzAepw1vUHXfa/L9XiXvsV8K5Qmcu70h0 1gohBIder/1I1QbHMCgfDVFPtfV5eedau4AAACAc99dHbWhk/dMPiWXgHxdI0vT2 SnuozIox2klmfbTeO4Ajn/Ecfxqgs5diat/NIaeoItuGUYepXFoVv8DVL3wpp45E 02hjmp4j2MYNpc6Pc3nPOVntu6YBv+whB0VrsVzeqX89u23FFjTLGbfYrmMQflNi j8yynGRePIMFhI= root.com EOF 5. Set the date and time you want for the action to take place, then click Schedule Remote Command. changes *highlighted* 1. Navigate to the Monitoring ⇒ Scout Config Push page on the Satellite interface and click the name of the *Scout* that will monitor the client system. The SSH id_dsa.pub key is visible on the resulting page. There is always one scout with the same name as RHN Satellite as Satellite is the default Scout, but you may have infinite number of Proxies each with Scout and you can have Scout on Proxy and no Scout on Satellite. 4. From the System Set Manager, click Run remote commands, then in the Script text box, type the following line: #!/bin/sh * cat <<EOF >> ~nocpulse/.ssh/authorized_keys * older rhnmd has home in /opt/nocpulse, new one has home in /var/lib/nocpulse path ~nocpulse/.ssh/authorized_keys should expand on both old and new systems to correct path. Everything else is good. Made the corrections from Comment #10 to the latest build of the Satellite Reference Guide: http://documentation-stage.bne.redhat.com/docs/en-US/Red_Hat_Network_Satellite/5.4/html/Reference_Guide/s1-mon-rhnmd.html#s2-mon-rhnmd-ssh The changes should be published there in the next 24 hours. Thanks again for the feedback! John you still had there: #!/bin/sh cat <<EOF >> /opt/nocpulse/.ssh/authorized_keys ssh-dss AABBAB3NzaC3kc3MABCCBAJ4cmyf5jt/ihdtFbNE1YHsT0np0SYJz7xk hzoKUUWnZmOUqJ7eXoTbGEcZjZLppOZgzAepw1vUHXfa/L9XiXvsV8K5Qmcu70h0 1gohBIder/1I1QbHMCgfDVFPtfV5eedau4AAACAc99dHbWhk/dMPiWXgHxdI0vT2 SnuozIox2klmfbTeO4Ajn/Ecfxqgs5diat/NIaeoItuGUYepXFoVv8DVL3wpp45E 02hjmp4j2MYNpc6Pc3nPOVntu6YBv+whB0VrsVzeqX89u23FFjTLGbfYrmMQflNi j8yynGRePIMFhI= root.com EOF There should be: cat <<EOF >> ~nocpulse/.ssh/authorized_keys I.e. you fixed one instance of this line, but you missed second instance of that line. The 5.4.0 RHN Satellite and RHN Proxy release has occurred. This issue has been resolved with this release. RHEA-2010:0801 - RHN Satellite Server 5.4.0 Upgrade https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10332 RHEA-2010:0803 - RHN Tools enhancement update https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10333 RHEA-2010:0802 - RHN Proxy Server 5.4.0 bug fix update https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10334 RHEA-2010:0800 - RHN Satellite Server 5.4.0 https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10335 Docs are available: http://docs.redhat.com/docs/en-US/Red_Hat_Network_Satellite/index.html Regards, Clifford |