SSH Password-free login settings under Linux

It's a bit annoying to use passwords every time you log in to a remote host, and here's a way to use SSH keys for password-free logins.

SSH key generation

ssh-keygen: This command is used to generate the key.

The following command options are commonly used:

• - t: Used to specify the key type, RSA or DSA, generally using RSA;
• - B: Specify the key length;
• - e: reads OpenSSH's private key or public key file;
• - C: Add comments;
• - F: Specifies the file name used to hold the key;
• -I: reads the unencrypted SSH-V2-compatible private key/public key file, and then displays the OpenSSH-compatible private key/public key on the standard output device;
• - L: Displays the fingerprint data of the public key file;
• - N: Provide a Xinmi language;
• - P: Provide (old) passphrase;
• - Q: Silent mode.

Demo:

ssh-keygen -t rsa -P abcdefg -f demo -C ‘just a demo key‘

The above statement, meaning: Create a secret word for ABCDEFG, annotated as just a demokey, named demo keys, there will be two files generated,demo(private key) and Demo.pub(Public key). to make a password-free login, you need to set the passphrase to null.

To deploy a public key file to a remote host

The command is as follows:

# 本地执行：# 将公钥文件上传至服务器tmp目录下scp ~/.ssh/demo.pub [email protected]:/tmp# 服务器执行：# 将公钥内容追加至authorized_keys文件中，并修改其权限为600mkdir -p ~/.sshcat /tmp/demo.pub >> ~/.ssh/authorized_keyschmod 600 ~/.ssh/authorized_keys

At this point, you can implement password-free login, command: SSH [email protected]

Local Configuration (optional)

vi ~/.ssh/config# 请求配置ServerAliveInterval 30  # 该选项表示客户端每隔30秒会向服务器发送一个请求，不执行任何操作，确保主机不会因为闲置断开连接# 主机配置，Host表示别名，HostName输入IP，User即登录用户名，IdentityFile则是上传至服务器的公钥所对应的私钥路径。Host demo-root    HostName 10.211.55.5    User root    IdentityFile ~/.ssh/demo

If configured above, the alias login can be implemented, eliminating the hassle of memory server IP.

Command: SSH demo-root

SSH Password-free login settings under Linux