Home > Developer > Linux

Linux-ssh Password-Free login

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Principle

In the traditional SSH authentication process, the server (passive connection side) verifies the user's identity by verifying the user name and password sent by the client (active connection side). In addition to the authentication method of the user name and password, the server can verify the identity of the client by saving and using the public key of the client, which can be understood as the public key in the PKI system.

Know_hosts: Stores public key information for a known server.

Authorized_keys: Stores public key information for known clients.

Id_rsa.pub: Stores public key information.

Id_rsa: Stores private key information.

which

    • The permissions for the. SSH directory must be 700.
    • The. ssh/authorized_keys file permission must be 600.
Verification process:
    1. Before the client logs on, the client places the public key on the server to be logged on.
    2. The client sends public key information to the server, requesting to specify user authentication.
    3. The server side looks for the corresponding user home directory under the home directory to look for the public key.
    4. The server side uses the found public key to encrypt the data and send it to the client.
    5. The client decrypts it with its own private key, and then sends it to the server side.
    6. Server-side authentication before and after the message is consistent, in order to confirm the user identity.
Environment
    • Centos7_x86_64
    • Windows10
    • Xshell
    • OpenSSH
Steps

1. Generate an asymmetric key pair.

1 #生成SSH使用的公钥和私钥只用户家目录下的. SSH directory 2 Ssh-keygen -t RSA

2. Create a Authorized_keys file.

1 #创建. authorized_keys file 2 Touch Authorized_keys 3 #修改文件权限信息 4 chmod  Authorized_keys

3. Append the client's public key information to the server-side Authorized_keys file.

1 #拷贝公钥信息至authorized_keys文件 2 ssh-copy-ID -I. ~/. ssh/id_rsa.pub34SCP -P ~/. ssh/id_rsa.pub [email protected]<remote_ip>:/root/. ssh/authorized_keys56cat ~/. ssh/id_rsa.pub >> ~/. ssh/authorized_keys

Linux-ssh Password-Free login

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More