Ssh – Make change to config files on multiple servers using SSH

ssh

Problem:

I'm trying to disable SSH password auth for multiple servers.
Which means I have to modify the sshd_config file.
From

#PasswordAuthentication yes

PasswordAuthentication no

I really don't wanna do it one by one. Is there any ways that I can distribute/modify the config file on multiple servers with a single command?

Assumptions you can make:

Those servers have same OS
I can broadcast the SSH command to multiple servers at once

Other notes:

I set the config file to listen different address and/or port on each server.

So this could not be done by downloading the updated config file from a central server.

I prefer a text replacement command to do the job

Best Answer

Look into configuration management tools like Puppet, Ansible or cfengine. They are helpful in the long run.

For a one-off, you could use Augeas, that make this change extremly easy, or even sed, which is present on most systems without further installs.

sed -i s/\#PasswordAuthentication\ yes/PasswordAuthentication\ no/ /etc/ssh/sshd_config

This can be sent in a simple ssh command:

ssh user@server sed ......

Related Solutions

SSH – Bad Owner or Permissions on ~/.ssh/config

I needed to have rw for user only permissions on config. This fixed it.

chmod 600 ~/.ssh/config

As others have noted below, it could be the file owner. (upvote them!)

chown $USER ~/.ssh/config

If your whole folder has invalid permissions here's a table of possible permissions:

Path	Permission
.ssh directory (code)	0700 (drwx------)
private keys (ex: `id_rsa`) (code)	0600 (-rw-------)
`config`	0600 (-rw-------)
public keys (*.pub ex: `id_rsa.pub`)	0644 (-rw-r--r--)
`authorized_keys` (code)	0644 (-rw-r--r--)
`known_hosts`	0644 (-rw-r--r--)

Sources:

openssh check-perm.c
openssh readconf.c
openssh ssh_user_config fix_authorized_keys_perms

Ubuntu – How to change the ssh auth method in vagrant, from password to private key

It's probably a bug of the Ubuntu 14.04 vagrant box. link

I changed the public key on guest OS(./ssh/authorized_keys on guest VM Ubuntu 14.04) to pair with the private key on Host OS, then vagrant works like a charm.

Another solution is deleting the existing private/public key pairs in Host OS, vagrant will generated new one. Not verified.

Best Answer

Related Solutions

SSH – Bad Owner or Permissions on ~/.ssh/config

Ubuntu – How to change the ssh auth method in vagrant, from password to private key

Related Topic