Bear with me, I haven't had to set this up for like 15 years (honestly - I last had to do this in 2010, according to the script comments I made ...)
I have a Red Hat host on my protected LAN. I plan on running a script that will transfer files from a 2nd Red Hat Linux host on my DMZ. I have the script, it's been working fine for these 15 years between the existing hosts.
Now we're (finally!) upgrading/replacing those hosts, so I am starting clean, 2 brand new hosts. But we will configure them to use the same script, same as the previous hosts.
Anyway, the script relies on pre-shared SSH keys (no it can run as a cron job, no prompting for credentials). So I just want to be clear on the steps I need to do, enable the sharing of keys.
1. I need to create an SSH key with the user who will be executing the script. Easy enough.
- I suppose this key should have a passphrase. I don't think I used one the last time, way back when ...
2. I need to copy said SSH public key over to the other host
ssh-copy-id -i .ssh/id-rsa.pub user@destination
Q; The "user@destination". So this a user with the access rights to be able to access what my script will be doing (in my case, copying from that DMZ host back to this host, so that user needs access to the directories where the files will be coming from).
So if I am user "mike" on the protected host, and I login to the DMZ host as "the-ftp-admin-acct", in the command above I would use:
ssh-copy-id "the-ftp-admin-acct@dmz-host"
(No, the DMZ won't be using FTP, it will be SFTP. It's just a user name LOL)
Q: I won't need my SSH passphrase now, right? Just the password to the account over on the other host?
Q: I shouldn't need to do the reverse, right? If all I am doing is going protected-host=>DMZ-host, then I don't need to ssh-copy-id from the DMZ-host to the protected-host. This is a 1 way share, for my use case.
Thanks. Sorry if these seem like silly n00b questions, it's been a while since I used Linux with any real regularity ....
--