6,534
edits
Changes
m
ubFNTu == Setting up SSH keys == You first have to setup SSH to permit the old HN to be able to login to the new HN without a password prompt. Run the following on the old HN. <pre>[root@OpenVZ ~]# ssh-keygen -t rsaGenerating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa):Created directory '/root/.ssh'.Enter passphrase (empty for no passphrase):Enter same passphrase again:Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:74:7a:3e:7f:27:2f:42:bb:52:4c:ad:55:31:6f:79:f2 root@OpenVZ.ics.local[root@OpenVZ ~]# cd .ssh/[root@OpenVZ .ssh]# ls -altotal 20drwx------ 2 root root 4096 Aug 11 09:41 .drwxr-x--- 5 root root 4096 Aug 11 09:40 ..-rw------- 1 root root 887 Aug 11 09:41 id_rsa-rw-r--r-- 1 root root 231 Aug 11 09:41 id_rsa.pub[root@OpenVZ .ssh]# scp id_rsa.pub root@10.1.5.6:./id_rsa.pubThe authenticity of host '10.1.5.6 (10.1.5.6)' can't be established.RSA key fingerprint is 3f:2a:26:15:e4:37:e2:06:b8:4d:20:ee:3a:dc:c1:69.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added '10.1.5.6' (RSA) to the list of known hosts.root@10.1.5.6's password:id_rsa.pub 100% 231 0.2KB/s 00:00<a href="http:/pre> Run the following on the new HN. <pre>[root@Char ~]# cd .ssh/nnovyhepiyti[root@Char .ssh]# touch authorized_keys2[root@Char .ssh]# chmod 600 authorized_keys2[root@Char .ssh]# cat ..com/"id_rsa.pub >nnovyhepiyti> authorized_keys2[root@Char .ssh]# rm ../id_rsa.pubrm: remove regular file `../id_rsa.pub'? y</apre> Run the following on the old HN. <pre>[root@OpenVZ .ssh]# ssh -2 -v root@10.1.5.6OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003debug1: Reading configuration data /etc/ssh/ssh_configdebug1: Applying options for *debug1: Connecting to 10.1.5.6 [url=http10.1.5.6] port 22.debug1: Connection established.debug1: permanently_set_uid: 0/0debug1:identity file /root/ewllifjkymnm.comssh/]ewllifjkymnm[id_rsa type 1debug1: identity file /root/.ssh/url]id_dsa type -1debug1: Remote protocol version 2.0, [link=httpremote software version OpenSSH_4.3debug1: match: OpenSSH_4.3 pat OpenSSH*debug1: Enabling compatibility mode for protocol 2.0debug1: Local version string SSH-2.0-OpenSSH_3.9p1debug1: SSH2_MSG_KEXINIT sentdebug1: SSH2_MSG_KEXINIT receiveddebug1: kex: server->client aes128-cbc hmac-md5 nonedebug1: kex: client->server aes128-cbc hmac-md5 nonedebug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sentdebug1: expecting SSH2_MSG_KEX_DH_GEX_GROUPdebug1: SSH2_MSG_KEX_DH_GEX_INIT sentdebug1: expecting SSH2_MSG_KEX_DH_GEX_REPLYdebug1: Host '10.1.5.6' is known and matches the RSA host key.debug1:Found key in /root/tddxmdgdgatc.comssh/known_hosts:1debug1: ssh_rsa_verify: signature correctdebug1: SSH2_MSG_NEWKEYS sentdebug1: expecting SSH2_MSG_NEWKEYSdebug1: SSH2_MSG_NEWKEYS receiveddebug1: SSH2_MSG_SERVICE_REQUEST sentdebug1: SSH2_MSG_SERVICE_ACCEPT receiveddebug1: Authentications that can continue: publickey,gssapi-with-mic,passworddebug1: Next authentication method: gssapi-with-micdebug1: An invalid name was suppliedCannot determine realm for numeric host address debug1: An invalid name was suppliedCannot determine realm for numeric host address debug1: Next authentication method: publickeydebug1: Offering public key: /]tddxmdgdgatc[root/.ssh/link]id_rsadebug1: Authentications that can continue: publickey,gssapi-with-mic, httppassworddebug1: Offering public key:/root/daqacaffprvh.comssh/id_rsadebug1: Server accepts key: pkalg ssh-rsa blen 149debug1: read PEM private key done: type RSAdebug1: Authentication succeeded (publickey).debug1: channel 0: new [client-session]debug1: Entering interactive session.Last login: Thu Aug 9 16:41:30 2007 from 10.1.5.20[root@Char ~]# exit</pre>
The vzmigrate script is used to migrate a [[container]] from one [[Hardware Node]] to another.
== Prerequisites ==