Linux SSH implementation without password Telnet

First, SSH No password remote login principle

Second, SSH Implementing a password-free remote login

Implement host a without password Telnet Host B

Host a IP address: 10.8.9.154

Host B IP Address: 10.8.9.155

1, host a operation as follows:

[email protected]. ssh]# pwd #一般SSH生成公钥和私密会在. SSH directory, if no this directory can be manually created

/root/.ssh

[email protected]. ssh]# ls #一般. SSH directory There will be a file known_host s, this file primarily records which hosts the local SSH telnet to

Known_hosts

[[email protected]. ssh]# ssh-keygen-t rsa-p ' #执行ssh-keygen generate public and private keys,-p for passwords, ' for empty passwords, also Can not use the –P parameter, this will press three times the return, with-P enter a return

Generating public/private RSA key pair.

Enter file in which to save the key (/ROOT/.SSH/ID_RSA): #按一次回车键即可

Your identification has been saved In/root/.ssh/id_rsa.

Your public key has been saved in/root/.ssh/id_rsa.pub.

The key fingerprint is:

9C:F5:83:54:FD:DA:6B:1A:9B:E3:D8:CF:CA:C9:B3:B4 [email protected]

The key ' s Randomart image is:

+--[RSA 2048]----+

|   .. |

|  .  . |

| O. |

| . + O. |

| S. o O |

| .. .|

| O. |

| *obo |

| .. Eoo |

+-----------------+

[[email protected]. ssh]# ls # id_rsa (private key) id_rsa.pub (public key)

Id_rsa id_rsa.pub known_hosts

[email protected]. ssh]# scp/root/.ssh/id_rsa.pub [email protected]:/root/.ssh/authorized_keys #把主机A/root/ The. Ssh/id_rsa.pub public key is copied to the host B/root/.ssh/authorized_keys file (to confirm that Host B has created a good/root/.ssh directory), because there is no password-free login, so enter the root password of the B host once

[email protected] ' s password: #输入主机B的密码

Id_rsa.pub 100% 0.4kb/s 00:00

Note: Host B directory/root/.ssh/authorized_keys file needs to have read and write permissions, or it will prompt for remote failure

[email protected]. ssh]# ls-l Authorized_keys

-rw-r--r--1 root root 11:47 June 5 Authorized_keys

Now host a can implement SSH without password Telnet Host B (if you need to enter Yes for the first time)

[email protected]. ssh]# ssh [email protected] ' chmod 600/root/.ssh/authorized_keys; ls-l/root/.ssh/authorized_ke Ys ' #执行SSH远程主机B修改authorized_keys文件权限

-RW-------. 1 root root 400 January 6 02:02/root/.ssh/authorized_keys

Special questions:

Issue: If you perform an SCP or SSH command remote connection is particularly slow to display the input password prompt also prompts the error message

[email protected]. ssh]# scp/root/.ssh/id_rsa.pub [email Protected]:/root/.ssh/authorized_keys #执行scp命令远程复制会出现连接缓慢并且还有警告

The authenticity of host ' 10.8.9.155 (10.8.9.155) ' can ' t be established.

RSA key fingerprint is b6:a2:4d:65:af:cf:19:97:99:ff:1e:99:5f:ec:1b:7a.

Is you sure want to continue connecting (yes/no)? Yes #第一次登录, so you need to enter Yes

warning:permanently added ' 10.8.9.155 ' (RSA) to the list of known hosts.

Workaround: Modify the SSH configuration file/etc/ssh/ssh_config, manually add Gssapiauthentication No

[email protected]. ssh]#vim/etc/ssh/ssh_config

Gssapiauthentication No

[email protected]. ssh]# scp/root/.ssh/id_rsa.pub [email Protected]:/root/.ssh/authorized_keys

[email protected] ' s password:

Linux SSH implementation without password Telnet