Server-to-server SSH keys

To allow scripts on one server (say rest.livecode.world) to execute shell commands on another server (for instance, to access the filesystem), we need to provide the same sort of password-less public key access that we enable on the laptop.

This means generating SSH keys on the server in question and copying the public key from that server to the other server. Since this is a public server, and therefore constantly available to anyone on the internet, such password-less key access is not to be recommended on anything you would not want to wipe and get back up and running from source.

# First generate a key-pair

```
ssh fortyfoxes@rest.livecode.world
fortyfoxes@LiveWorld:~/.ssh$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/fortyfoxes/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/fortyfoxes/.ssh/id_rsa.
Your public key has been saved in /home/fortyfoxes/.ssh/id_rsa.pub.
The key fingerprint is:
56:56:63:c4:f6:2c:7c:67:dd:74:69:bc:6a:05:ff:c0 fortyfoxes@LiveWorld
The key's randomart image is:
+--[ RSA 2048]----+
| o= . .|
| ooo +o|
| oo ++.=|
| o o E+=|
| S oo+.|
| . o .|
| . |
| |
| |
+-----------------+
```

# Copy remote public key to your laptop

Either open another terminal window or `exit` from your remote session, then copy the default remote public key to your local `.ssh` folder:

ssh fortyfoxes@rest.livecode.world cat /home/fortyfoxes/.ssh/id_rsa.pub > ~/.ssh/lcw.pub

You might want to refresh your memory about how you pipe or write / append data to files:

Here we look at the basics of writing files, piping data and appending data to file outputs.

You only need to copy the new public key to your laptop if you don't have ssh-copy-id on the remote server. Otherwise you could stay logged into the remote server and issue a simple ssh-copy-id command there.

You can look at these links to figure out how to copy these files without using ssh-copy-id:

- https://unix.stackexchange.com/questions/255883/cat-file-pipe-another-cat-command
- https://www.digitalocean.com/docs/droplets/how-to/add-ssh-keys/to-existing-droplet/#with-ssh

# Force ssh-copy-id to upload copied key

Now you can use ssh-copy-id to copy the new public key from the (rest.livecode.world) server to the other (fedwiki.org) remote server.

The issue here is that ssh-copy-id requires both the public and private key to do its checking. That's all right - simply use the `-f` option to override checking - superuser

ssh-copy-id -f -i ~/.ssh/lcw.pub user@fedwiki.org

Now you can log in to the first server and from there check that you can ssh to the second server. A cooler way to do the same thing is to proxy to the second server:

ssh -tt fortyfoxes@rest.livecode.world ssh -tt user@fedwiki.org ls -la

Neater still is to use the `-J` or jump syntax:

ssh -J fortyfoxes@rest.livecode.world user@fedwiki.org ls -la

- https://www.cyberciti.biz/faq/linux-unix-ssh-proxycommand-passing-through-one-host-gateway-server/
- https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Proxies_and_Jump_Hosts
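Because the uploaded key has no passphrase, it helps to limit what it can do on the second server. The following is an added example, not part of the original page: a hypothetical helper `restrict_key` that turns the copied public key line into an `authorized_keys` entry pinned to one source host and one forced command. It assumes OpenSSH 7.2 or later on the second server (for the `restrict` option) and uses a constructed sample key in place of the real `lcw.pub`.

```shell
#!/bin/sh
# Added example: build a locked-down authorized_keys line for an unattended key.
# Constructed sample public key (not a real key) standing in for lcw.pub.
SAMPLE_PUB='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDSAMPLE fortyfoxes@LiveWorld'

# restrict_key PUBKEY_LINE SOURCE_HOST FORCED_COMMAND   (hypothetical helper)
# Prints the entry on stdout; returns 1 and prints nothing on stdout for bad input.
restrict_key() {
    rk_pub=$1 rk_src=$2 rk_cmd=$3
    rk_nl='
'
    [ -n "$rk_src" ] && [ -n "$rk_cmd" ] || { echo "restrict_key: empty host or command" >&2; return 1; }
    # Split "type base64 [comment]" without word-splitting or globbing.
    rk_type=${rk_pub%% *}
    rk_rest=${rk_pub#"$rk_type"}; rk_rest=${rk_rest# }
    rk_blob=${rk_rest%% *}
    rk_comment=${rk_rest#"$rk_blob"}; rk_comment=${rk_comment# }

    # The line must start with a key type: a line that already carries
    # options (for example command="...") is rejected, not merged.
    case $rk_type in
        ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) ;;
        *) echo "restrict_key: not a bare public key line" >&2; return 1 ;;
    esac
    # The key body must be non-empty base64.
    case $rk_blob in
        ''|*[!A-Za-z0-9+/=]*) echo "restrict_key: bad key data" >&2; return 1 ;;
    esac
    # A double quote would close a quoted option value early; a newline
    # would start a second authorized_keys entry.
    case $rk_src$rk_cmd$rk_comment in
        *\"*|*"$rk_nl"*) echo "restrict_key: unsafe character" >&2; return 1 ;;
    esac
    # restrict: no forwarding, no PTY, no ~/.ssh/rc; from/command pin host and action.
    printf 'restrict,from="%s",command="%s" %s %s%s\n' \
        "$rk_src" "$rk_cmd" "$rk_type" "$rk_blob" "${rk_comment:+ $rk_comment}"
}

# Entry for the page's two servers and the directory listing the scripts run.
restrict_key "$SAMPLE_PUB" rest.livecode.world 'ls /user/.wiki/'
```

Append the printed line to `~/.ssh/authorized_keys` on the second server in place of the unrestricted line that ssh-copy-id would add. When sshd runs with `UseDNS no`, `from=` matches only addresses, so pass the first server's IP address instead of its hostname.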

# Enabling access to www-data

su - www-data -c 'ssh user@fedwiki.org ls /user/.wiki/'

- https://serverfault.com/questions/260756/allow-scp-ssh-for-www-data-user
- https://askubuntu.com/questions/702060/how-to-give-permissions-to-www-data-to-log-in-with-ssh