Come on ~ don't hurt each other, trust each other between SSH

Between the two servers SCP or PSSH, each other to transfer files or long-distance control to enter the corresponding password for the other account, this is a very troublesome and annoying thing. How to avoid such a troublesome and annoying thing? This is the SSH trust login.

Suppose A and B are two servers, where a is server,b is the client. A is the party that initiates the SSH request, and B is the party that receives the SSH request.

On a machine, # ssh-keygen-t DSA, this step is to generate a common/private key pair for SSH. After you enter, the following information appears:

Generating Public/private DSA key pair.

Enter file in which to save the key (/ROOT/.SSH/ID_DSA): This step is to select the directory to save the key, directly enter the line

Enter passphrase (empty for no passphrase): This step is to ask whether this trust relationship requires a password, if it is over the hard relationship, naturally do not need a password, so continue to enter

Enter same passphrase again: confirm the last step, triple enter, and then that is, not only generated a "key fingerprint" also generated a pattern.

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/7F/01/wKioL1cPsteBsBB-AABIkcjMw6Q331.png "title=" 1.png " alt= "Wkiol1cpstebsbb-aabikcjmw6q331.png"/>

Then came to/root/.ssh, you will find two more files: Id_dsa and id_dsa.pub, where id_dsa.pub is needed to the B server. Such a key in the form of two copies, a a copy B, two are a pair so the trust relationship has been established.

Enter the IP address of #scp ain the B server:/root/.ssh/id_dsa.pub/root/.ssh, then drag a server's id_dsa.pub file into its/root/.ssh folder and #mv Id_dsa.pub Authorized_keys , if changed to name Authorized_keys2, is through SSH2 way connection.

Now an SSH trust relationship is established between A and B, note! At present, this trust relationship is one-way, that is, a to find a root User B (file in the/root file) to file, is not required to B root user password, if b in turn to find a to file, or a password.

After the change, don't forget to confirm that Authorized_keys's chmod is 644.

If the other machine removes Authorized_keys, then the SCP or PSSH will restore the link to the password. The Linux history connection information is in/var/log/secure.

Reference: http://www.dongwm.com/archives/%E5%85%B3%E4%BA%8Essh%E5%91%BD%E4%BB%A4%E7%A0%94%E7%A9%B6%E4%BB%A5%E5%8F% 8assh%e4%bf%a1%e4%bb%bb%e8%af%a6%e8%a7%a3/

This article is from "Life is waiting for Gordo" blog, please make sure to keep this source http://chenx1242.blog.51cto.com/10430133/1763978

Come on ~ don't hurt each other, trust each other between SSH