Operations 15 min read

How to Set Up rsyslog and SSH Key Authentication on CentOS 8

This guide walks through checking system information, configuring rsyslog on a CentOS 8 client‑server pair, managing syslog/klogd processes, disabling firewalld, and establishing password‑less SSH access using RSA key pairs, while also summarizing useful scp options.

MaGe Linux Operations

Nov 10, 2024

How to Set Up rsyslog and SSH Key Authentication on CentOS 8

Overview

The article demonstrates how to inspect a CentOS 8 system, configure rsyslog for remote logging, and set up SSH key‑based authentication between a client (IP 192.168.222.250) and a server (IP 192.168.222.251).

System Inspection

# cat /etc/redhat-release
CentOS Stream release 8
# uname -r
4.18.0-257.el8.x86_64
# dmesg | head -n 5
[    5.273545] XFS (dm-2): Starting recovery (logdev: internal)
[    5.323019] XFS (dm-2): Ending recovery (logdev: internal)
# tail -f /var/log/messages
Jul 19 16:39:01 lnh systemd-logind[976]: New session 1 of user root.

Two logging daemons run on the system:

syslogd : handles non‑kernel messages.

klogd : records kernel‑generated logs.

Checking Daemons

# ps aux | grep syslogd
root 1194 0.0 0.2 218472 5768 ? Ssl 16:37 0:00 /usr/sbin/rsyslogd -n
# ps aux | grep klogd
root 1362 0.0 0.0 12108 1080 pts/0 S+ 16:51 0:00 grep --color=auto klogd

Configuring the rsyslog Server

1. Clone the virtual machine as a full clone.

2. Define client and server IPs:

lnh (client)   192.168.222.250
xbz (server)   192.168.222.251

3. Edit /etc/rsyslog.conf on both hosts to enable remote logging (uncomment the four lines that forward logs).

4. Restart the service and disable the firewall:

# systemctl restart rsyslog.service
# systemctl stop firewalld.service
# setenforce 0

5. Verify that the server receives logs:

# tail -f /var/log/secure
Jul 19 17:02:19 lnh sshd[1012]: Server listening on :: port 22.
Jul 19 17:02:24 lnh sshd[1012]: Accepted password for root from 192.168.222.1 port 55495 ssh2

SSH Basics

The client (lnh) connects to the server (xbz) using:

# ssh [email protected] '/usr/sbin/ip a'

Host keys are stored in /etc/ssh/ (e.g., ssh_host_ecdsa_key, ssh_host_rsa_key.pub) and the client’s known hosts file ( ~/.ssh/known_hosts) records the server’s public key.

Generating and Deploying RSA Keys

On the client:

# ssh-keygen -t rsa
# ssh-copy-id [email protected]

The public key is copied to ~/.ssh/authorized_keys on the server. Afterward, password‑less login works:

# ssh [email protected]
Last login: Tue Jul 19 17:05:36 2022 from 192.168.222.1

The same steps are repeated in reverse to allow the server to log into the client.

Useful scp Options

-r

: recursive copy -p: preserve permissions -P: specify remote port -q: quiet mode -a: archive mode (preserves all attributes)

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.

Sysadmin rsyslog scp key authentication system logging

Written by

MaGe Linux Operations

Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.

0 followers

Reader feedback

How this landed with the community

Rate this article

Was this worth your time?

Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.