SSH + Screen = Easy Administration
I have access to a numerous amount of Linux machines for work and personal matters. Instead of having a ton of different SSH or PuTTY windows open, each connected to a server that I administrate, I decided to use screen to connect to all of them, and manage each one in a different screen window.
Before getting into my screen configuration, its also important to note that on top of my screen setup, I have also configured SSH to authenticate via SSH keys, so I wouldn’t have to always type the password when admining from my “playbox”.
Here is how I set up SSH keys.
I Basically have a single linux machine that I connect to each day at work via PuTTY. We will call that machine my playbox.
From playbox command line, logged in as the user adam I typed the following:
adam@playbox:~$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/adam/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_dsa.
Your public key has been saved in id_dsa.pub.
The key fingerprint is:
The next step was to copy over the id_dsa.pub file to all the machines I normally SSH to from my playbox.
In this example, I am copying the id_dsa.pub file from my playbox, to a machine called webserver. For this, I did the following:
adam@playbox:~$ scp ~/.ssh/id_dsa.pub adam@webserver:.
After the copy completed, I had to ssh to the webserver machine one last time using a password.
adam@playbox:~$ ssh adam@webserver
Once connected to the webserver via SSH, I needed to move the id_dsa.pub file into the ~/.ssh/ folder. It is important to note that I had never attempted to ssh from this machine before logged in as the user adam, so a ~/.ssh/ folder did not exist. I simply did the following:
adam@webserver:~$ ssh adam@playbox
After letting SSH attempt to connect I just closed it down by hitting CTRL-C and there was now the ~/.ssh/ folder. Now I could move the id_dsa.pub file into place, naming it authorized_keys2.
adam@webserver:~$ mv id_dsa.pub ~/.ssh/authorized_keys2
Once we have the file in place on the webserver, we can now exit and go back to our playbox prompt. Now we should be able to log into the webserver machine without being prompted for a password.
adam@playbox:~$ ssh webserver
Now, repeat the steps above using scp to copy over the id_dsa.pub file to all your other servers ~/.ssh/ folders!
Now that we have the SSH keys set up, we can configure our screen setup.
The first thing I did was locate my .screenrc file and open it in vim. The only modifications I made was adding lines for each of my machines.
screen -t webserver ssh webserver
screen -t mailserver ssh mailserver
screen -t ftpserver ssh ftpserver
screen -t development ssh development
screen -t fileserver ssh fileserver
The above commands will create seperate windows in screen, name them, and connect to each of my servers. It is important to note that I have previously made entries in my /etc/hosts file so that I would not need to type out IP addresses for each server.
After modifiying my ~/.screenrc file, I saved it and simply ran screen.
Now you can see, by hitting CTRL-A Shift-” that all of your windows are present, and everything has been logged in for you.
Num Name Flags
0 webserver $
1 mailserver $
2 ftpserver $
3 development $
4 fileserver $
I find it much easier to administrate multiple machines this way. You could even create multiple windows per each server if you wanted to by adding more lines to the .screenrc, or by creating new windows on-the-fly by using the CTRL-A CTRL-C switch.
That is all for now. I may add more to this later as I think of other things. For more information on screen, see the man page here.
Popularity: 15% [?]
Like this post? Subscribe to my RSS feed and get loads more!