Part of keeping a secure network is periodically backing up data or system logs, but if you have more than a handful of computers then logging on to each individual workstation can be a hassle. So what's a lazy (I prefer "efficient") Systems Administrator to do?
Why, automate it through scripts, of course.
Typically, in order to automate retrieving data from multiple workstations, you need to build a script that remotely logs on to each workstation using secure shell, or SSH. Unfortunately, the process of using SSH to access a workstation requires you to authenticate with each workstation, preventing you from automating it without either:
- Embedding the username and password into your script
- Disabling authentication completely
- Manually typing in the username and password each time you run the script
Fortunately, there is an alternative: SSH-Keychains. SSH-Keychains utilize Public Key Infrastructure (PKI) to generate a public and private key to authenticate the server and account with each workstation without the use of a normal password.
Creating an SSH-Keychain should be a quick process using the ssh-keygen command and copying the public key (id_dsa.pub) to the ~/.ssh/authorized_keys file, but sometimes the process still hangs up. So you'll need to troubleshoot the issue using ssh -v to determine why the SSH is failing. It could fail because: Destination is not found in the known_hosts, public key failed, or failed keyboard-interactive (configuration file settings).