"Linux" SSH password-free login

Source: Internet
Author: User

First: configuring SSH password-free login

Logging in over SSH without a password relies on a public/private key pair. On Linux the key pair is generated with ssh-keygen; below I use CentOS as an example.

There are two machines, A (192.168.1.155) and B (192.168.1.181). The goal is for A to log in to B over SSH without a password.

1. Generate a public/private key pair on machine A.

$ ssh-keygen -t rsa -P ''

-P sets the passphrase, and -P '' means an empty passphrase. You can also leave out the -P option, but then you have to press Enter three times; with -P it takes a single Enter.
This creates the .ssh directory under /home/chenlb, containing id_rsa and id_rsa.pub.

2. Copy id_rsa.pub from machine A to machine B, where it will be added to B's .ssh/authorized_keys file. I use scp for the copy.

$ scp .ssh/id_rsa.pub chenlb@192.168.1.181:/home/chenlb/id_rsa.pub
chenlb@192.168.1.181's password:
id_rsa.pub 100% 223 0.2KB/s 00:00


Password-free login is not set up yet at this point, so the password has to be entered.

3. On machine B, append the id_rsa.pub copied from machine A to the .ssh/authorized_keys file.

$ cat id_rsa.pub >> .ssh/authorized_keys
$ chmod 644 .ssh/authorized_keys

The following lists the permissions of the .ssh directory and the files in it:

drwx------  2 hadoop hadoop 4096 2014-06-02 15:32 .
drwxr-xr-x    hadoop 4096 2014-06-02 15:06 ..
-rw-r--r--  1 hadoop hadoop 2252 2014-06-02 15:32 authorized_keys
-rw-------  1 hadoop hadoop  668 2014-06-02 15:11 id_dsa
-rw-r--r--  1 hadoop hadoop  615 2014-06-02 15:11 id_dsa.pub
-rw-------  1 hadoop hadoop 1675 2014-06-02 15:32 id_rsa
-rw-r--r--  1 hadoop hadoop  407 2014-06-02 15:32 id_rsa.pub
-rw-r--r--  1 hadoop hadoop  442 2014-06-02 15:08 known_hosts



4. Log in to machine B from machine A.

$ ssh 192.168.1.181
The authenticity of host '192.168.1.181 (192.168.1.181)' can't be established.
RSA key fingerprint is 00:a6:a8:87:eb:c7:40:10:39:cc:a0:eb:50:d9:6a:5b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.181' (RSA) to the list of known hosts.
Last login: Thu Jul 3 09:53:18 from chenlb
$


The first time you log in, you are asked to confirm the host key and have to enter yes.

Machine A can now log in to machine B without a password.

Summary: the machine you log in from holds the private key, and the machine you log in to must hold that machine's public key. The key pair is normally generated on the host that keeps the private key. The example above uses an RSA key pair; you can also use DSA (the corresponding files are id_dsa and id_dsa.pub).

If you want A and B to log in to each other without a password, configure the other machine in the same way as above.

Reference: ssh-keygen usage, http://blog.163.com/[email protected]/blog/static/158584272007101862513886/

Second: troubleshooting a failed SSH password-free login

1. Check whether SSH is running

ps -e | grep ssh

If sshd and ssh-agent appear in the output, the SSH service is basically running properly.

2. Generate the public and private keys

ssh-keygen -t rsa -P ""

3. Append the public key to the authorized_keys file

cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

4. Test

ssh localhost

If you can log in without entering your password, SSH password-free login is working.

5. One cause of failure: the permissions of the .ssh directory and the files in it:

The preferred permissions are 700 for the .ssh directory, 600 for the two private keys (DSA and RSA), and 644 for the remaining files.

The following lists the permissions of the .ssh directory and the files in it:

drwx------  2 hadoop hadoop 4096 2014-06-02 15:32 .
drwxr-xr-x    hadoop 4096 2014-06-02 15:06 ..
-rw-r--r--  1 hadoop hadoop 2252 2014-06-02 15:32 authorized_keys
-rw-------  1 hadoop hadoop  668 2014-06-02 15:11 id_dsa
-rw-r--r--  1 hadoop hadoop  615 2014-06-02 15:11 id_dsa.pub
-rw-------  1 hadoop hadoop 1675 2014-06-02 15:32 id_rsa
-rw-r--r--  1 hadoop hadoop  407 2014-06-02 15:32 id_rsa.pub
-rw-r--r--  1 hadoop hadoop  442 2014-06-02 15:08 known_hosts

6. Permissions on the parent directory of .ssh (this is where my problem was):

The parent directory of .ssh, that is, the owning user's home directory (the user's directory under /home), should have permission 755.
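
Added example (not part of the original article): a shell function that checks a home directory against the permissions given in steps 5 and 6 and reports each deviation. The function names check_ssh_perms, mode_of and has_bits are made up for this example, and it assumes GNU stat as found on CentOS.

```shell
#!/bin/sh
# Added example: audit the permissions described in steps 5 and 6.
# check_ssh_perms HOME_DIR prints one line per problem and returns the
# number of problems found (0 = layout matches the article's advice).
# Assumption: GNU stat (-c %a prints the octal mode, e.g. 700).

mode_of() { stat -c %a "$1"; }

# True if the octal mode in $1 has any bit of the octal mask $2 set.
has_bits() { [ $(( 0$1 & 0$2 )) -ne 0 ]; }

check_ssh_perms() {
    home=$1; ssh_dir=$home/.ssh; problems=0
    report() { echo "PROBLEM: $1"; problems=$((problems + 1)); }

    # Step 6: the home directory must not be writable by group or others.
    has_bits "$(mode_of "$home")" 022 &&
        report "$home has mode $(mode_of "$home"); use 755"

    if [ ! -d "$ssh_dir" ]; then
        report "$ssh_dir does not exist"
        return "$problems"
    fi

    # Step 5: the .ssh directory should be 700.
    [ "$(mode_of "$ssh_dir")" = 700 ] ||
        report "$ssh_dir has mode $(mode_of "$ssh_dir"); use 700"

    # Private keys (id_rsa, id_dsa): no access for group or others (600).
    for key in "$ssh_dir"/id_*; do
        [ -f "$key" ] || continue
        case $key in *.pub) continue ;; esac
        has_bits "$(mode_of "$key")" 077 &&
            report "$key has mode $(mode_of "$key"); use 600"
    done

    # authorized_keys may be readable (644) but not writable by others.
    ak=$ssh_dir/authorized_keys
    if [ -f "$ak" ] && has_bits "$(mode_of "$ak")" 022; then
        report "$ak has mode $(mode_of "$ak"); use 644"
    fi
    return "$problems"
}

# Usage on the machine you log in to: check_ssh_perms "$HOME"
```

Run it as the account that should accept the login; a non-zero return value is the number of findings to fix with chmod before testing ssh again.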
