Qiita Teams that are logged in
You are not logged in to any team

Log in to Qiita Team
Community
OrganizationAdvent CalendarQiitadon (β)
Service
Qiita JobsQiita ZineQiita Blog
0
Help us understand the problem. What is going on with this article?
@1429takahiro

ローカルMac環境からVirtualBox上のRHEL8にSSH鍵認証で接続する為の設定

More than 1 year has passed since last update.

ローカルのMac環境からVirtualBox上のRHEL8環境にSSH鍵認証で接続する為の設定メモ

やりたいこと

ローカルのMacOS上のrootユーザで、VirtualBox上のREHL8環境のloing00ユーザにSSH鍵認証でログインする。

本記事の内容

  1. ローカルのMac環境上のrootユーザでSSH鍵ペアの作成
  2. RHEL8環境上のlogin00ユーザのauthorized_keysファイルへの鍵登録
  3. ローカルのMac環境上のrootユーザのknow_hostsファイルにRHEL8環境のホスト公開鍵の登録
  4. 接続確認

前提環境

  • ホストOS:macOS Catalina 10.15.1
  • 仮想化ソフト:VirtualBox Version 6.1.0 r135406
  • ゲストOS:Red Hat Enterprise Linux release 8.0 (Ootpa)
  • ゲストOSカーネル:4.18.0-80.el8.x86_64

VirtualBox上へのRHEL8環境の構築は以下ご参照

Red Hat Enterprise Linux 8 を開発目的で無料でセットアップする方法

1. ローカルのMac環境上のrootユーザでSSH鍵ペアの作成

  • 全てデフォルト設定で作成(パスフレーズ設定もなし)
ローカルMac環境
[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/var/root/.ssh/id_rsa):  
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /var/root/.ssh/id_rsa.
Your public key has been saved in /var/root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:0uYhpibejf/pB5pLNBqND5Cksaty5nE8ykBCFhqFm+U root@ITakahiro.local
The key's randomart image is:
+---[RSA 2048]----+
|o**              |
|o.               |
|+*o   x .ls      |
|=.E. o .  . .    |
|o.  + B S        |
|+  . O *..       |
|+ = A *o..       |
|.B C =o  ..      |
|  = o.+saa+.     |
+----[SHA256]-----+
[root@localhost ~]#
  • 作成されたrootユーザの公開鍵の確認
ローカルMac環境
[root@localhost ~]# cd ~/.ssh
[root@localhost .ssh]# ls -ltr 
total 24
-rw-r--r--  1 root  wheel   343 Feb  1 11:17 known_hosts
-rw-------  1 root  wheel  1831 Feb  1 11:49 id_rsa
-rw-r--r--  1 root  wheel   402 Feb  1 11:49 id_rsa.pub
[root@localhost .ssh]# cat id_rsa.pub
ssh-rsa xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxRlIEt8Xw1ElzRaNNmS1mG5I+oZNnZD+fshgBw+KW3CeesoXxpeiP1f0PSXa8uroyng0dRVHwrZQQ3HPsh2XGozgu8+Kr0yXuOZnJbByVLdMGJbBeSQCbSYXxxxxxxxxxxUtEe4XjL7cVZ2xxxxxxxxxxLBj7k5mztkuxxxxxxxxxxw3zjvWbTxxxxxxxxxxbtZEka0v+2EpnCZFj+IVN6xeyHW3dTesmjZjPT3P9kSrLZ1G/ucrafs9urPIhZN7C98L0SBA5jXwyGBzGjECtuHxzeBvXKl3H50lLz2bhUQMuhjh48lpeq83rNByoxr2Od root@ITakahiro.local
[root@localhost .ssh]#

2. RHEL8環境上のlogin00ユーザのauthorized_keysファイルへの鍵登録

  • VirtualBox上のRHEL8環境にlogin00ユーザにてログイン後以下実行
VirtualBoxRHEL8環境
[login00@rhel8 ~]$ whoami 
login00
[login00@rhel8 ~]$ pwd 
/home/login00
[login00@rhel8 ~]$ mkdir .ssh
[login00@rhel8 ~]$ cd .ssh
[login00@rhel8 .ssh]$ 
[login00@rhel8 .ssh]$ vim authorized_keys
[login00@rhel8 .ssh]$ # ↑上記authorized_keysに先ほど作成したrootユーザの公開鍵を追記
[login00@rhel8 .ssh]$ 
[login00@rhel8 .ssh]$ cat ~/.ssh/authorized_keys 
ssh-rsa xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxRlIEt8Xw1ElzRaNNmS1mG5I+oZNnZD+fshgBw+KW3CeesoXxpeiP1f0PSXa8uroyng0dRVHwrZQQ3HPsh2XGozgu8+Kr0yXuOZnJbByVLdMGJbBeSQCbSYXxxxxxxxxxxUtEe4XjL7cVZ2xxxxxxxxxxLBj7k5mztkuxxxxxxxxxxw3zjvWbTxxxxxxxxxxbtZEka0v+2EpnCZFj+IVN6xeyHW3dTesmjZjPT3P9kSrLZ1G/ucrafs9urPIhZN7C98L0SBA5jXwyGBzGjECtuHxzeBvXKl3H50lLz2bhUQMuhjh48lpeq83rNByoxr2Od root@ITakahiro.local
[login00@rhel8 .ssh]$ 
[login00@rhel8 .ssh]$ chmod 600 authorized_keys 
[login00@rhel8 .ssh]$
[login00@rhel8 .ssh]$ ls -ltr
合計 4
-rw-------. 1 login00 login00 402  1月 31 21:52 authorized_keys
[login00@rhel8 .ssh]$ 
[login00@rhel8 .ssh]$ chmod 700 ~/.ssh
[login00@rhel8 .ssh]$
[login00@rhel8 .ssh]$ ls -ld ~/.ssh
drwx------. 2 login00 login00 29  1月 31 21:52 /home/login00/.ssh
[login00@rhel8 .ssh]$

3. ローカルのMac環境上のrootユーザのknow_hostsファイルにRHEL8環境のホスト公開鍵の登録

  • RHEL8環境のホスト公開鍵の確認
VirtualBoxRHEL8環境
[login00@rhel8 .ssh]$ cat /etc/ssh/ssh_host_rsa_key.pub 
ssh-rsa xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/nyUHAV/kanjsIgoWBUFJSydxcYItAIh+lU6DfVU7TPBNwCXHRLDxxxxxxxxxxXhJUDtxxxxxxxxxx94o7HxxxxxxxxxxxvW+zxxxxxxxxxxf7TSWd5G0sU0jg6UojNAHiuQx/BIVGefOUKrgklv4HCsJU93tn4lZ5XFB0BjeaQqfL3BizqjZDe/yy5dzyn96LK3KLWEZ8igBq5TrFclRIU0tZ5AlbYJ1HhVTMOYWtjGN15RT/C1pvA/yHuCKKNhzp7ysGXY1ghQxze2Ix0avp0/Wkyc8HO5oNhHY3Y8Myc47uumISOaOCD+0vLPeIuOy+03 
[login00@rhel8 .ssh]$
  • ローカルMac環境上のrootユーザのknow_hostsへのRHEL8環境のホスト公開鍵の登録
ローカルMac環境
[root@localhost .ssh]# vim ~/.ssh/known_hosts 
[root@localhost .ssh]# 
[root@localhost .ssh]# cat ~/.ssh/known_hosts
rhel8 ssh-rsa xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/nyUHAV/kanjsIgoWBUFJSydxcYItAIh+lU6DfVU7TPBNwCXHRLDxxxxxxxxxxXhJUDtxxxxxxxxxx94o7HxxxxxxxxxxxvW+zxxxxxxxxxxf7TSWd5G0sU0jg6UojNAHiuQx/BIVGefOUKrgklv4HCsJU93tn4lZ5XFB0BjeaQqfL3BizqjZDe/yy5dzyn96LK3KLWEZ8igBq5TrFclRIU0tZ5AlbYJ1HhVTMOYWtjGN15RT/C1pvA/yHuCKKNhzp7ysGXY1ghQxze2Ix0avp0/Wkyc8HO5oNhHY3Y8Myc47uumISOaOCD+0vLPeIuOy+03
[root@localhost .ssh]#
  • ホスト名で接続する際、IPアドレスがknown_hostsに追記されないよう、ssh_configの設定変更
ローカルMac環境
[root@localhost .ssh]# vim /etc/ssh/ssh_config
#   CheckHostIP yes
↓ 以下に変更
    CheckHostIP no
[root@localhost .ssh]# 

4. 接続確認

  • SSH鍵認証でlogin00ユーザにログインできることを確認(パスワードが求められない事を確認)
ローカルMac環境
[root@localhost .ssh]# ssh login00@rhel8
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Fri Jan 31 22:22:23 2020 from 192.168.56.1
[login00@rhel8 ~]$
0
Help us understand the problem. What is going on with this article?
Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away

Comments

No comments
Sign up for free and join this conversation.
Sign Up
If you already have a Qiita account Login
0
Help us understand the problem. What is going on with this article?