Scenario: You have a web script (php, ruby, python, or so) that need to ssh over a remote machine to do stuff. How you do set up ssh key for the apache deamon user?

After some dig out, here’s the steps, mostly taken from (Boredworkers.com):

Make key for apache daemon
1. log in to source server as root
2. create .ssh directory for apache user. Make sure you have the ownership right:

$ mkdir /var/www/.ssh
$ chown -R apache:nobody /var/www/.ssh

3. Generate the ssh-key authentication key as user apache using sudo. Use the default file location and leave empty when prompted for passphrase.

$ sudo -u apache ssh-keygen -t rsa

4. Append apache’s public key to destination server

$ sudo -u apache cat .ssh/id_rsa.pub | ssh dest_user@dest_server 'cat >> /var/www/.ssh/authorized_keys'

5. Test the set up. You’ll see that you can now run ssh commands without being prompted for the user password:

$ sudo -u apache ssh dest_user@dest_server

refernce: http://www.boredworkers.com/2009/08/24/script-tips-ssh-key-for-apache/

廣告