How can I generate SSH key for public key based authentication in server monitors?

How can I generate SSH key for public key based authentication in server monitors?

To monitor a Unix server via Public Key Authentication in SSH mode, you need to generate a set of RSA or DSA key pairs.
To generate RSA or DSA SSH key pairs:
  1. For windows, you can use a free tool like PuTTYgen.
  2. For Linux, you can use ssh-keygen command.
Steps for generating SSH key pairs from any Linux server:
1.  Log in as the user responsible for monitoring (e.g., appmanager) on a Linux server (Server1) and open a terminal or command prompt.
2.  Create the ~/.ssh/ folder if it doesn't already exist and set the correct permissions:
  1. mkdir -p ~/.ssh
  2. chmod 700 ~/.ssh
3. Generate an RSA or DSA key pair:
RSA
  1. ssh-keygen -t rsa -f ~/.ssh/apm_key
DSA
  1. ssh-keygen -t dsa -f ~/.ssh/apm_key
Note: This command will generate both the private key (e.g., apm_key) and the corresponding public key (e.g., apm_key.pub) in the ~/.ssh/ folder.
The options -f  (custom file name) is optional. If skipped, the default key pair (e.g., id_rsa or id_dsa) will be generated.
4. Copy the public key to the server (Server2) that needs to be monitored using the command:
  1. ssh-copy-id -i ~/.ssh/apm_key.pub <username>@<hostname>
This command will copy the public key to the appropriate location on the destination server and configure the permissions automatically. Replace <username> with the username associated with the account on Server2 where you want to copy the public key. Similarly, replace <hostname> with the actual hostname or IP address of Server2.
Example:
ssh-copy-id -i ~/.ssh/apm_key.pub appmanager@server2
5. Update the SSH server configuration on Server2:
* Edit the SSH server configuration file (usually located in /etc/ssh/sshd_config).
Only SSH protocol version 2 is supported. So update Protocol key in sshd_config to 2
  1. Protocol 2
* OptionalIf you want to disable password authentication for this user, update PasswordAuthentication key in sshd_config file to no
  1. PasswordAuthentication no
* Save the changes and restart the SSH daemon using the command:  
  1. /etc/rc.d/sshd restart
6. From Server1's command prompt, connect to Server2 using the username associated with the account to which you copied the public key:
  1. ssh <username>@<hostname>
Replace <username> with the appropriate username and <hostname> with the actual hostname or IP address of Server2.
Example:
ssh appmanager@server2
By following the above steps, you should be able to log in to Server2 from Server1 without being prompted for a password.

7. If the previous steps are successful and you can log in to Server2 from Server1 without being prompted for a password, you can proceed to use the private key available on Server1 to add Server2 in the Applications Manager. This step ensures secure monitoring of Server2 using SSH key-based authentication.
8. Additionally, you have the flexibility to copy the same public key (following steps 4 and 5) to any other servers you need to monitor. By repeating the process for each server, you can use the same private key generated on Server1 to authenticate and monitor all those servers securely in Applications Manager.

By following these added steps, you can centralize your monitoring efforts using a single private key while utilizing the respective public keys on different servers for secure and efficient monitoring.

If you're having trouble adding a monitor in Applications Manager, refer this troubleshooting link.

                  New to ADSelfService Plus?