SSH password-free Login
SSH password-less logon requires the public key and private key. In Linux, ssh-keygen can be used to generate public/private key pairs. The following uses CentOS as an example.
There are machines A (192.168.1.155) and B (192.168.1.181 ). Now I want A to log on to B via ssh without A password.
1. Generate A public/private key pair on host.
[Bkjia @ A ~] $ Ssh-keygen-t rsa-p''
-P indicates the password.-P ''indicates that the password is empty, or you do not need the-P parameter. In this case, you have to press enter three times and press enter once with-P.
It generates the. ssh directory under/home/bkjia, and id_rsa and id_rsa.pub under. ssh.
2. Copy id_rsa.pub under machine A to machine B. In the. ssh/authorized_keys file of machine B, I use scp to copy.
[Bkjia @ A ~] $ Scp. ssh/id_rsa.pub [email protected]:/home/bkjia/id_rsa.pub
[Email protected]'s password:
Id_rsa.pub 100% 223 0.2KB/s
Because no password-free logon is available, you need to enter the password.
3. Machine B adds id_rsa.pub copied from machine A to the. ssh/authorzied_keys file.
[Bkjia @ B ~] $ Cat id_rsa.pub>. ssh/authorized_keys
[Bkjia @ B ~] $ Chmod 600. ssh/authorized_keys
The authorized_keys permission is 600.
4. Machine A logs on to machine B.
[Bkjia @ A ~] $ Ssh 192.168.1.181
The authenticity of host' 192. 168.1.181 (192.168.1.181) 'can't be established.
RSA key fingerprint is 00: a6: a8: 87: eb: c7: 40: 10: 39: cc: a0: eb: 50: d9: 6a: 5b.
Are you sure you want to continue connecting (yes/no )? Yes
Warning: Permanently added '192. 168.1.181 '(RSA) to the list of known hosts.
Last login: Thu Jul 3 09:53:18 2008 from bkjia
[Chenlb @ B ~] $
When logging on for the first time, you must enter yes.
Now machine A can log on to machine B without A password.
Summary: The logon host has a private key, and the logged-on host must have a public key. This public/private key pair is generally generated on the host machine of the private key. The above is a public/private key pair using the rsa algorithm. Of course, you can also use dsa (the corresponding file is id_dsa, id_dsa.pub)
If you want A and B to log on to each other without A password, configure the same method as above.
How to Improve the SSH login authentication speed of Ubuntu
Enable the SSH service to allow Android phones to remotely access Ubuntu 14.04
How to add dual authentication for SSH in Linux
Configure the SFTP environment for non-SSH users in Linux
Configure and manage the SSH service on Linux
Basic SSH tutorial
SSH password-free logon details
This article permanently updates the link address: