azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fee9cc01ac20da81313e8edf8916e49b5dd1ef69
claudetools/SSH_ACCESS_SETUP.md

139 lines
3.4 KiB
Markdown
Raw Blame History

# SSH Passwordless Access Setup
**Problem:** Automated deployments require password entry, causing delays and requiring manual intervention.
**Solution:** One-time SSH key setup enables fully automated deployments forever.
---
## Quick Setup (One Command)
Run this PowerShell command **once** with your RMM password:
```powershell
cd D:\ClaudeTools
.\setup-ssh-keys.ps1
```
When prompted for password, enter your RMM password. You'll enter it **3 times total** (for pscp, mkdir, and key install).
**After this ONE-TIME setup:**
- `deploy.ps1` will work without ANY prompts
- `pscp` commands work automatically
- `plink` commands work automatically
- No more 4-hour debugging sessions due to deployment issues
---
## What It Does
1. **Generates SSH key pair** (already done: `~/.ssh/id_rsa`)
2. **Copies public key** to RMM server
3. **Configures authorized_keys** for guru user
4. **Tests passwordless access**
Total time: 30 seconds
---
## Alternative: Manual Setup
If you prefer to do it manually:
```bash
# 1. Copy public key to RMM server
pscp %USERPROFILE%\.ssh\id_rsa.pub guru@172.16.3.30:/tmp/claude_key.pub
# 2. SSH to RMM and install key
plink guru@172.16.3.30
mkdir -p ~/.ssh
chmod 700 ~/.ssh
cat /tmp/claude_key.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
rm /tmp/claude_key.pub
exit
# 3. Test passwordless access
plink -batch guru@172.16.3.30 "echo 'Success!'"
```
---
## Verification
After setup, this command should work WITHOUT password prompt:
```powershell
plink -batch guru@172.16.3.30 "echo 'Passwordless SSH working!'"
```
**Expected output:** `Passwordless SSH working!`
**If it prompts for password:** Setup failed, re-run `setup-ssh-keys.ps1`
---
## Why This Matters
**Before SSH keys:**
- Every `deploy.ps1` run requires 3-5 password entries
- Cannot run automated deployments
- Manual file copying required
- High risk of deploying wrong files
- 4+ hours wasted debugging version mismatches
**After SSH keys:**
- `.\deploy.ps1` - ONE command, ZERO prompts
- Fully automated version checking
- Automatic file deployment
- Service restart without intervention
- Post-deployment verification
- **Total deployment time: 30 seconds**
---
## Security Notes
**SSH Key Location:** `C:\Users\MikeSwanson\.ssh\id_rsa` (private key)
**Public Key Location:** `C:\Users\MikeSwanson\.ssh\id_rsa.pub`
**Key Type:** RSA 4096-bit
**Passphrase:** None (enables automation)
**Access:** Only your Windows user account can read the private key
**RMM Access:** Only guru@172.16.3.30 can use this key
**Note:** The private key file has restricted permissions. Keep it secure.
---
## Troubleshooting
**"FATAL ERROR: Cannot answer interactive prompts in batch mode"**
- SSH keys not installed yet
- Run `setup-ssh-keys.ps1` to install them
**"Permission denied (publickey,password)"**
- authorized_keys file has wrong permissions
- On RMM: `chmod 600 ~/.ssh/authorized_keys`
**"Could not resolve hostname"**
- Network issue
- Verify RMM server is reachable: `ping 172.16.3.30`
---
## Next Steps
1. **Run setup script:** `.\setup-ssh-keys.ps1`
2. **Verify it works:** `plink -batch guru@172.16.3.30 "whoami"`
3. **Deploy safeguards:** `.\deploy.ps1`
4. **Never waste 4 hours again**
---
**Status:** SSH key generated ✓
**Action Required:** Run `setup-ssh-keys.ps1` once to install on RMM server
**Time Required:** 30 seconds
**Password Entries:** 3 (one-time only)
**Future Password Entries:** 0 (automated forever)
Reference in New Issue View Git Blame Copy Permalink