CentOS 6.4 Configuration SSH password-free authentication

First, the environment

CentOS 6.4x64 Bit

zabbix-c1:192.168.3.29

zabbix-c2:192.168.3.30

Second, the configuration from zabbix-c1 ssh to zabbix-c2 password-free authentication

A key pair is generated on the ZABBIX-C1, and the entire process returns.

[[email protected] ~]# ssh-keygen generating public/private rsa key  Pair. enter file in which to save the key  (/ROOT/.SSH/ID_RSA):  Enter  passphrase  (empty for no passphrase): enter same passphrase  Again: your identification has been saved in /root/.ssh/id_rsa. your public key has been saved in /root/.ssh/id_rsa.pub.the key  Fingerprint is:7d:ca:81:d9:35:c5:ab:7b:93:f0:b8:0f:8a:e8:63:c2 [email protected]the key ' s  RANDOMART IMAGE IS:+--[ RSA 2048]----+|             &NBSP, ....   | |             &NBSP, ....   | |             o  . | |           = .    | |         S +&NBSP, ....    | |          . +o    | |    .      o .= . | |     e o. . .o.=  | |      +o.  . .+.  |+-----------------+

Generate the private key (ID_RSA) and public key (Id_rsa.pub) in the/root/.ssh directory

[[email protected] ~]# ll/root/.ssh/total 12-rw-------1 root root 1675 May 4 09:31 id_rsa #私钥-rw-r--r--1 ro OT root 396 May 4 09:31 id_rsa.pub #公钥-rw-r--r--1 root root 394 Apr 10:29 known_hosts

Third, copy the public key into the Authorized_keys file of the target machine (ZABBIX-C2)

[[Email protected] ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.3.30[email  protected] ' s password:          #这里在第一次连接的时候需要输入密码Now  try logging into the machine, with  "ssh  ' 192.168.3.30 '",  and  check in:  .ssh/authorized_keysto make sure we haven ' t added  extra keys that you weren ' t expecting. #使用ssh登陆到zabbix-c2 Machine, the entire process does not need to enter a password [email  protected] ~]# ssh 192.168.3.30Last login: Mon May  4  09:24:02 2015 from 192.168.3.2[[email protected] ~]# ip a1: lo:  <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN      link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     Inet 127.0.0.1/8 scope host lo    inet6 ::1/128 scope host         valid_lft forever preferred_lft forever2: eth0: <broadcast ,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state up qlen  1000    link/ether 00:0c:29:68:fd:3e brd ff:ff:ff:ff:ff:ff     inet 192.168.3.30/24 brd 192.168.3.255 scope global eth0     inet6 fe80::20c:29ff:fe68:fd3e/64 scope link         valid_lft forever preferred_lft forever[[email protected] ~]#  Hostnamezabbix-c2

Iv. remote execution of commands using SSH protocol

#远程查看内存信息 [[email protected] ~]# ssh 192.168.3.30 free -m              total       used        free     shared     buffers     cachedmem:            988        121         867          0           8         44-/+ buffers/cache:          68        919Swap:          1999           0    &nbsp  1999# Remote View iptables information [[Email protected] ~]# ssh 192.168.3.30 iptables  -L -nChain INPUT  (policy accept) target     prot opt  source                destination         accept     tcp   --  0.0.0.0/0            0.0.0.0/0            multiport dports 10050:10051  accept     all  --  0.0.0.0/0             0.0.0.0/0            state related,established accept     icmp --  0.0.0.0/ 0            0.0.0.0/0            ACCEPT     all  --  0.0.0.0/0             0.0.0.0/0            ACCEPT     tcp  --  0.0.0.0/0             0.0.0.0/0            state NEW tcp dpt:22 REJECT     all   --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited  chain forward  (policy accept) Target     prot opt source                destination          REJECT     all  --  0.0.0.0/0             0.0.0.0/0            reject-with icmp-host-prohibited Chain OUTPUT  (policy accept) target     prot opt source                destination         # Remote View IP address information [[email protected] ~]# ssh 192.168.3.30 ip a1: lo: < loopback,up,lower_up> mtu 16436 qdisc noqueue state unknown      link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet  127.0.0.1/8 scope host lo    inet6 ::1/128 scope host         valid_lft forever preferred_lft forever2: eth0: <broadcast, multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state up qlen 1000     link/ether 00:0c:29:68:fd:3e brd ff:ff:ff:ff:ff:ff     inet 192.168.3.30/24 brd 192.168.3.255 scope global eth0     inet6 fe80::20c:29ff:fe68:fd3e/64 scope link         valid_lft forever preferred_lft forever# viewing hostname information remotely [[email protected] ~]#  ssh 192.168.3.30 hostnamezabbix-c2

This article is from the "ly36843" blog, please be sure to keep this source http://ly36843.blog.51cto.com/3120113/1641591

CentOS 6.4 Configuration SSH password-free authentication