Article Title: SSH password is not required between Linux servers. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Software and hardware environment: Two linux servers A and B
Compile and install the latest openSSH version (recommended)
By default, openSSH allows the root user to directly log in. (PermitRootLoginyes). For the moment, we will first consider how to use SSH to directly log on from A to B without A password. Assume that you use root to log on to, you do not need a password if you want to SSH to B.
1. Log On As root from A and B respectively and run ssh-keygen. The purpose is to create A directory. ssh in/root.
Press ENTER twice during passphase. This will generate/root/. ssh/identity and/root/. ssh/identity. pub
2. Test it first. log on from A as root and enter # ssh B. A prompt of root password will be prompted.
3. Now log on from A as root and run scp/root/. ssh/identity. pubB:/root/. ssh/authorized_keys.
The file name must be correct.
4. Run # ssh B from A now without the password :)
Basic Principles: 1. If you want to SSH from user A as user user1 to user B as user user2, if you want to use RSA key pair authentication and do not need A password, then the ssh background program on user B will take out ~ User2 /. the RSA public key related to A in ssh/authorized_keys is used to challenge the ssh client program running as user1 on. copy pub to B as authorized_keys. Then A maintains the Private Key identity, And the sshd on B takes out the public key of A to challenge. Therefore, to succeed, you can add A lot of lines to authorized_keys to allow the public keys of other servers to be added.
Examples of common applications: 1. Use user rootSSH on user A to user B as normal user rather than root. For security purposes, sometimes you do not need to act as root. You only need to act as normal user without A password to complete relevant work.
Log On As root on
A # scp/root /. ssh/identity. pub href = "mailto: user @ B:/home/user /. ssh/authorized_keys "> user @ B:/home/user /. ssh/authorized_keys
2. tar A batch of files from A to B.
A # tar cvf-/etc | (ssh B tar xvf -)
3. Run cronjob on A, modify A file, and upload it to B.
0 1 *** cat/etc/shadow | awk-F: '{print $1 ":" $2}' | (ssh B 'cat>/home/passwd ')
FAQs: 1. SSH in this way requires the direct root login (PermitRootLoginyes) allowed in sshd_config on B ).
2. I have server A and other server B, C, D. I want to switch from ASSH to these servers but not automatically. It is better to enter RSA passphase, but it is too troublesome. What should I do?
A. Enter passphase when running ssh-keygen on server.
B. log on to A and run A # ssh-agent bash.
C. Run ssh-add and passphase to enter the memory.
D. Run ssh B or SSH C or SSH D again, and the password is no longer required. You only need to enter the password pair once.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
