Linux SSH password-free login configuration Summary
I. Principles
We use ssh-keygen to generate the private key and public key on ServerA, copy the generated public key to the remote server B, you can use the ssh command to log on to another server B without a password.
There are two encryption methods to generate a public key and a private key: rsa (default) and dsa.
/Usr/bin/ssh-keygen-t [rsa | dsa]
If ssh-keygen is directly executed, rsa is used by default to generate the public key and private key.
Ii. Procedure
After understanding the principles of mutual trust, we can effectively separate the steps for configuring ssh mutual trust.
1. Generate their respective Authenticated key files on the machines to be configured with mutual trust (web-15 and web-211.
2. summarize all key files into a total authentication file.
3. Distribute the total Authentication Files to machines that want mutual trust (web-211, web-15)
4. Mutual Trust Verification
For example, there are two machines:
Host |
User |
192.168.27.211 |
Web211 |
192.168.27.15 |
Web15 |
Step 1: log on to 192.168.27.211 and switch to the web211 user.
1. [web211 @ master01 ~] $/Usr/bin/ssh-keygen-t rsa
Press enter three times. In ~ The following id_rsa (Private Key) id_rsa.pub (Public Key) files are generated under the/. ssh/directory.
Step 2: log on to 192.168.27.15 and switch to the web15 user
1. [web15 @ Node03 ~] $/Usr/bin/ssh-keygen-t rsa
2. [web15 @ Node03 ~] $ Cat ~ /. Ssh/id_rsa.pub> ~ /. Ssh/authorized_keys
Step 3: Summarize id_rsa.pub to the authorized_keys file on 192.168.27.15
1. [web15 @ Node03 ~] $ Ssh web211@192.168.27.211 cat/home/web211/. ssh/id_rsa.pub> ~ /. Ssh/authorized_keys
Step 4: distribute the authorized_keys File above 192.168.27.15 to 192.168.27.211
1. [web15 @ Node03. ssh] $ scp ~ /. Ssh/authorized_keys web211@192.168.27.211 :~ /. Ssh/authorized_keys
Step 5: modify the permissions of the authorized_keys file. Only the current trusted users can read and write the file. Otherwise, the SSH security check will fail.
15 and 211 have to be executed: This step makes me suffer for a long time, which is why I take notes.
1. chmod 600 ~ /. Ssh/authorized_keys
So far, the mutual trust configuration is complete, and check whether it is successful.
1. [web15 @ Node03. ssh] $ ssh web211@192.168.27.211
2. [web211 @ master01 ~] $ -- Here it is changed to web211, indicating that the login-free access to 92.1627.211
You may also like the following SSH-related articles. For details, refer:
Complete SSH service configuration and troubleshooting in Ubuntu
How to install Samba and SSH server in Ubuntu 14.04
SSH service remote access to Linux Server login is slow
How to Improve the SSH login authentication speed of Ubuntu
Enable the SSH service to allow Android phones to remotely access Ubuntu 14.04
How to add dual authentication for SSH in Linux
Configure the SFTP environment for non-SSH users in Linux
Configure and manage the SSH service on Linux
This article permanently updates the link address: