Automatic logon through SSH Channel

Http://zhangjunhd.blog.51cto.com/113473/156307

 

 

Automatic SSH logon methods

1. Automatic ssh/SCP Method =

A is a local host (that is, a machine used to control other hosts );
B is the remote host (that is, the server of the controlled machine), if the IP address is 192.168.60.110;
Both system A and system B are Linux

Run the following command on:
# Ssh-keygen-t rsa (Press enter three times in a row to generate a public key and a private key in the keystore without a password)
# SSH root@192.168.60.110 "mkdir. Ssh" (password required)
# SCP ~ /. Ssh/id_rsa.pub root@192.168.60.110:. Ssh/id_rsa.pub (password required)

Command on B:
# Touch/root/. Ssh/authorized_keys (if this file already exists, skip this one)
# Cat/root/. Ssh/id_rsa.pub>/root/. Ssh/authorized_keys (append the id_rsa.pub content to authorized_keys)

Return to machine:
# SSH root@192.168.60.110 (password not required, login successful)(Note: The system will prompt you to enter the password of the key pair when generating the key pair. Press enter directly. Do not enter the password. Otherwise, the password is still required after the channel is opened, only the password set here is used)Note:
The authorized_keys File Permission is very important (it is said that if it is set to 777, you still need to provide a password when logging on .)

My successful experience is

Chmod 604 authorized_keys

If you cannot log on at this time, the read permission of your directory is definitely incorrect. Make sure that your/home/xuxm /. SSH directory and your root directory/home/Xuxm

My successful experiences

/Home/xuxm 755
/Home/xuxm/. Ssh 755

/Home/xuxm/. Ssh/authorized_keys 604

 

2. Control n machines for Automatic Logon As described above
Then we need n pairs of keys (key and public key). The Ssh-keygen command can change the name of the key pair at will, for example:
# Ssh-keygen-T RSA
Generating public/private RSA key pair.
Enter file in which to save the key (/root/. Ssh/id_rsa):/root/. Ssh/id_rsa_192.168.60.110

In this way, the private key and public key are named id_rsa_192.168.60.110 and id_rsa_192.168.60.110.pub respectively. Then, the content of the id_rsa_192.168.60.110.pub file is appended to the content of the sever ~ In the/. Ssh/authorized_keys file, specify the local key using the-I parameter of the local SSH command, and log on:
# Ssh-I/root/. Ssh/id_rsa_192.168.60.110 someone@192.168.60.110

The same is true for SCP.
# SCP-I/root/. Ssh/id_rsa_192.168.60.110 filename:/home/someone

Add the following two lines to the file. bashrc. You do not need to input such a long command every time you perform the same operation:
Alias sshcell = 'ssh-I/root/. Ssh/id_rsa_192.168.60.110 110'
Alias scpcell = 'scp-I/root/. Ssh/id_rsa_192.168.60.110 filename someone@192.168.60.110:/home/someone'

In this way, enter the command to implement SSH and SCP Automatic Logon:
# Sshcell
# Scpcell

3. Automatic ssh/SCP script
If you need to access C from A to B, then SSH and SCP are required twice, which is troublesome.
SSH Automatic Logon:
#! /Usr/bin/CT-F
Set timeout 30
Spawn SSH weiqiong @ B
Reset CT "Password :"
Send "pppppp \ r"
CT "] *"
Send "ssh weiqiong @ C \ r"
Reset CT "Password :"
Send "pppppp \ r"
Interact

SCP Copies files from A to C:
#! /Usr/bin/CT-F
Set timeout 300
Set file [lindex $ argv 0]
Spawn SCP $ file weiqiong @ B:/home/weiqiong
Reset CT "Password :"
Send "pppppp \ r"
CT "] *"
Spawn SSH weiqiong @ B
Reset CT "Password :"
Send "pppppp \ r"
CT "] *"
Send "SCP $ file weiqiong @ C:/home/weiqiong \ r"
Reset CT "Password :"
Send "pppppp \ r"
CT "] *"
Exit
Interact

SCP Copies files from C to:
#! /Usr/bin/CT-F
Set timeout 300
Set file [lindex $ argv 0]
Spawn SSH weiqiong @ B
Reset CT "Password :"
Send "pppppp \ r"
CT "] *"
Send "SCP weiqiong @ C:/home/weiqiong/$ file. \ r"
Reset CT "Password :"
Send "pppppp \ r"
CT "] *"
Send "Exit \ r"
CT "] *"
Spawn SCP weiqiong @ B:/home/weiqiong/$ file.
Reset CT "Password :"
Send "pppppp \ r"
Interact

4. Create an SSH/SCP Channel
For example, if my machine is a, the intermediate server is B, and the target server is C <br>
From A to B, from B to C, but a cannot directly SSH to C <br>
Now we will use SSH channel technology to directly transfer files from A to C <br>
1. Ssh-l1234: C: 22 userid @ B <br>
Input B's password <br>
(Port 1234 is the idle port of host a. This Command requires the root user permission on host a. In fact, a channel is established on port 1234 of the host.) <br>

2. Open a new console and type: <br>
SCP-p1234 filename userid @ localhost: <br>
Input C's password