SSH freely inside AWS VPC

只谈情不闲聊 submitted on 2019-12-04 06:13:46

Question


How do I configure my EC2 machines inside a VPC to be able to ssh without password or key between them?

What I'm trying to do is access one machine (which has a public IP) and from this machine access all others freely.

Is it even possible?


Answer 1:


Firstly all the machines in your VPC need to be set up to accept the key from your local machine - it's up to you whether you distribute this manually, or use an automated tool such as Chef to do this for you.

Next you need to run an ssh-agent on your local machine, and give it your keys. Basically, this sits in the background and hands out keys whenever your ssh client needs them. On Windows you can use Pageant, which plays nicely with PuTTY. If you're using Linux, you'll need to run ssh-agent, and use ssh-add to give it your keys. Note that it's perfectly possible to run the ssh-agent automatically, so you can still use scripts - I set mine up following this.

Finally, you need to allow SSH agent forwarding when you make the initial connection to your publicly visible AWS server. In PuTTY you do this under SSH / Auth / Allow agent forwarding (Make sure you don't specify a private key file). From a Linux command line, you need to edit your ~/.ssh/config file. There's a good guide on setting this up here
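The Linux side of the steps in this answer, as an added example that is not part of the original answer: it starts an agent, loads a key, and enables forwarding for the public-facing host only. The alias `bastion`, the host name `bastion.example.com`, the user `ec2-user` and the key path are placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: the host alias, host name, user and key path passed to these
# functions are placeholders, not values from the original post.

# Start an agent only if none is reachable, then load the private key into it.
# ssh-add -l exits with status 2 when it cannot contact an agent.
load_key() {
    status=0
    ssh-add -l >/dev/null 2>&1 || status=$?
    if [ "$status" -eq 2 ]; then
        eval "$(ssh-agent -s)" >/dev/null
    fi
    ssh-add "$1"
}

# Succeed if CONFIG already has a Host line naming ALIAS (exact match).
host_defined() {
    awk -v a="$2" 'tolower($1) == "host" { for (i = 2; i <= NF; i++) if ($i == a) found = 1 }
        END { exit !found }' "$1"
}

# Append a stanza that turns on agent forwarding for one named host only,
# so the agent is not exposed to every server you connect to.
# Usage: write_bastion_stanza CONFIG ALIAS HOSTNAME USER
write_bastion_stanza() {
    if [ -f "$1" ] && host_defined "$1" "$2"; then
        echo "Host $2 already present in $1" >&2
        return 1
    fi
    ( umask 077; cat >>"$1" <<EOF
Host $2
    HostName $3
    User $4
    ForwardAgent yes
EOF
    )
}

# Typical use on the local machine (placeholders):
#   load_key ~/.ssh/id_ed25519
#   write_bastion_stanza ~/.ssh/config bastion bastion.example.com ec2-user
#   ssh bastion     # then, from the bastion: ssh <private-ip-of-other-instance>
#   ssh-add -l      # run on the bastion: lists your key if forwarding works
```
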




Answer 2:


You have two options:

  1. Use SSH agent to pass your key to the other server over the ssh connection. This method is safer as the private key is never installed on the server, but won't work well for scripts that need to connect via ssh.

  2. Generate a key on the server you are connecting from and install the public key on the server you want to connect to.



Source: https://stackoverflow.com/questions/29973869/ssh-freely-inside-aws-vpc
