Administration Guide › Log Storage › Configuring Non-Interactive Authentication for Restore › Example: Configure Authentication From Remote Storage to a Restore Point › Generate Keys and Copy the Public Key to the Restore Point
Generate Keys and Copy the Public Key to the Restore Point
From the remote storage server, generate an RSA key pair as the caelmservice user. Then, copy the public key file id_rsa.pub as authorized_keys, to the /tmp directory on the restore point CA User Activity Reporting Module. A restore point is a server dedicated to investigating restored data.
It is assumed that the /opt/CA/LogManager/.ssh directory structure exists on the storage server with the ownership set to caelmservice user and group. It contains authorized_keys copied from reporting servers. When you generate the key pair, you save id_rsa.pub to the /opt/CA/LogManager/ssh directory.
To generate the RSA public/private key pair for remote storage to restore point server authentication
- Log on to the remote server used for storage through ssh as the caelmadmin user.
- Switch users to the root account.
su -
- Switch users to the caelmservice account.
su - caelmservice
- Generate an RSA key pair as the caelmservice user.
ssh-keygen -t rsa
- Press Enter to accept the default when each of the following prompts appears:
- Enter file in which to save the key (/opt/CA/LogManager/.ssh/id_rsa):
- Enter passphrase (empty for no passphrase):
- Enter same passphrase again:
- Change directories to /opt/CA/LogManager.
- Change the permissions of the .ssh directory using the following command:
chmod 755 .ssh
- Navigate to .ssh, where id_rsa.pub key is saved.
cd .ssh
- Copy the public key as authorized_keys to the /tmp directory on the restore point server.
scp id_rsa.pub caelmadmin@<restore_point>:/tmp/authorized_keys
Copyright © 2013 CA.
All rights reserved.
|
|