Linux ssh password-free login via RSA public key

1,SSHPassword-Free login

Root login 192.168.121.212, and then use the Tomcat account SSH telnet 10.14.13.16, do not need to enter a password, need to achieve the following effect:

[email protected]. ssh]# ssh [email protected] [Email protected] _web1_13_16 ~]$

The idea is to use a key that generates RSA and then copy the generated public key to the/home/tomcat/.ssh/directory on the remote 10.14.13.16.

2,192.168.121.212Generate key above

Log on to the 192.168.121.212 server as root and execute the following command

cd/root/.ssh/

Ssh-keygen-t Rsa-p '

After execution, the two files are generated Id_rsa, id_rsa.pub, where id_rsa.pub is the public key and Id_rsa is the key.

3,CopyPublic Key to10.14.13.16

(1) No Authorized_keys file

# Note that to remotely Copy into Authorized_keys file

SCP id_rsa.pub [Email Protected]:/home/tomcat/.ssh/authorized_keys

(2) Authorized_keys file already exists

First copy the public key into: SCP id_rsa.pub [email protected]:/home/tomcat/.ssh/id_rsa.pub_212; then log in to write the public key to Authorized_ End of keys: Cat id_rsa.pub_212 >> Authorized_keys

4, verify no password login

# validation successful, OK

[email protected]. ssh]# ssh [email protected]

[Email protected] _web1_13_16 ~]$

5, log on to10.14.13.16, set Write permissions

# need to log in to 10.24.13.16 , and then give . SSH Write permissions for the directory

chmod 700/home/tomcat/.ssh

# here are some that need - effective, some need the effective, some need - To take effect, you can gradually try

chmod 750/home/tomcat/.ssh/authorized_keys

6, debugging Method Rollup

(1) Use Ssh-i to see if the key is in effect on 192.168.121.212

[email protected]. ssh]# ssh-i/root/.ssh/id_rsa.pub.192.168.121.212 [email protected]

Enter passphrase for key '/root/.ssh/id_rsa.pub.192.168.121.212 ':

Enter passphrase for key '/root/.ssh/id_rsa.pub.192.168.121.212 ':

[email protected] ' s password:

Last Login:thu-22:01:08 from 192.168.121.212

[[Email protected]_lvdi_dbm1_13_16 ~]

(2) Check the login path with ssh-v on 192.168.121.212

ssh-v [email protected]

(3) Check the log details of your remote login on 10.14.13.16

# if SSH Login has what unusual information, generally can be seen here, this file is very useful

Vim/var/log/secure

PS : If you see a see /home/tomcat/id_rsa Alarm Information too open then SSH If the login fails, need to recover /home/tomcat/id_rsa the permissions that will Id_rsa The private key is set to - Permissions to use SSH No password login ;

Linux ssh password-free login via RSA public key