A server: 10.1.11.82
B Server: 10.1.11.210
Ultimate Purpose: Allow a server to access the B server without a password
Operation Idea: Let a server one-way no password access b server, only need to generate a key pair in a server , the generated public key is uploaded to the relevant user directory of Server B in the. SSH directory (not manually created, note that its directory permissions are 700), and change the public key file name to Authorized_keys (note that the permissions of this file should be 644), please note that the. SSH directory and the permissions of the Authorized_keys file, the permissions do not match, will invalidate the configuration. "View execution permissions for all directories with the Ls-la command"
Here's how it works:
1. Generate a password pair on server A:
During the build process there are several options for you to enter the save directory for the key pair and enter the private key, just enter the line.
[[email protected] ~]# ssh-keygen-t RSA
Generating public/private RSA key pair.
Enter file in which to save the key (/ROOT/.SSH/ID_RSA):
Created directory '/root/.ssh '.
Enter passphrase (empty for no passphrase):
Enter same Passphrase again:
Your identification has been saved In/root/.ssh/id_rsa.
Your public key has been saved in/root/.ssh/id_rsa.pub.
The key fingerprint is:
0e:4c:ec:e3:04:98:b0:71:00:91:75:57:ee:56:a1:82 [email protected]
Performing the previous step, the ~/.SSH directory will generate two files Id_rsa and id_rsa.pub, where Id_rsa is the private key, saved in the local, id_rsa.pub is the public key, is to be uploaded to the remote server.
2. Upload the public key to the remote server B that requires no password login and rename it to Authorized_keys:
If there is no. SSH directory on remote server B, create it manually:
[[email protected] ~]# mkdir. SSH
[Email protected] ~]# chmod 755. SSH
Then upload the public key file from server A to remote Server B:
[Email protected] ~]# SCP. ssh/id_rsa.pub [email protected]:/root/.ssh/authorized_keys
The authenticity of host ' 10.1.11.210 (10.1.11.210) ' can ' t be established.
RSA key fingerprint is c9:ef:0c:1b:ac:6c:ef:84:a4:a7:e5:d1:20:58:c8:73.
Is you sure want to continue connecting (yes/no)? Yes
Warning:permanently added ' 10.1.11.210′ (RSA) to the list of known hosts. This step adds remote server B to the known_hosts list of native (server a)
[email protected]′s Password:
Id_rsa.pub 100% 399 0.4kb/s 00:00
3. Testing
After uploading the public key file to remote, immediately from server a login to Server B, if you do not enter a password to login to Server B, indicating success, if you want to enter a password, Check whether the. SSH directory permission is 700 on remote Server B, whether the public key name on the remote server being uploaded is changed to Authorized_keys, and whether the permissions are 644
Multiple Linux servers ssh to each other without password access