2009/11/12

ssh via apache deamon user

Scenario: You have a web script (php, ruby, python, or so) that need to ssh over a remote machine to do stuff. How you do set up ssh key for the apache deamon user?

After some dig out, here's the steps, mostly taken from (Boredworkers.com):

Make key for apache daemon
1. log in to source server as root
2. create .ssh directory for apache user. Make sure you have the ownership right:

$ mkdir /var/www/.ssh
$ chown -R apache:nobody /var/www/.ssh


3. Generate the ssh-key authentication key as user apache using sudo. Use the default file location and leave empty when prompted for passphrase.

$ sudo -u apache ssh-keygen -t rsa


4. Append apache's public key to destination server

$ sudo -u apache cat .ssh/id_rsa.pub | ssh dest_user@dest_server 'cat >> ~/.ssh/authorized_keys'


5. Test the set up. You’ll see that you can now run ssh commands without being prompted for the user password:

$ sudo -u apache ssh dest_user@dest_server


refernce: http://www.boredworkers.com/2009/08/24/script-tips-ssh-key-for-apache/

沒有留言:

Mercury簡易改裝

有同好有一樣的困擾 - 如何使用自己的data logging軟體,因此寫了這篇來分享我的簡易改裝。 Background 雲豆子 MERCURY roaster 烘豆機的設計是使用自行開發的軟體,來:1. 操控風門/火力; 2. data logging/自動烘焙。 ...