Configure dual-host SSH trust in Linux
1. Implementation principle

SSH login here uses the "public/private key" authentication method. A simple explanation of this method: first, create a public/private key pair on the client (public key file: ~/.ssh/id_rsa.pub; private key file: ~/.ssh/id_rsa), then put the public key on the server (~/.ssh/authorized_keys) and keep the private key yourself. During SSH login, the ssh program uses the private key to match against the public key on the server. If the match succeeds, you can log in.

2. Experimental environment

Machine A: TS-DEV / 10.0.0.163
Machine B: CS-DEV / 10.0.0.188

3. Establishing trust between two Linux/Unix hosts

3.1 Generate a certificate on machine A

As the root user on machine A, run the ssh-keygen command. Wherever input is requested, just press Enter. This generates the certificate used to establish the trust relationship.

# ssh-keygen -t rsa

Note: When the program prompts for a passphrase, press Enter, which means the certificate has no password.
The above command generates the private key certificate id_rsa and the public key certificate id_rsa.pub, which are stored in the .ssh subdirectory of the user's home directory.

3.2 View the generated key files in ~/.ssh

# cd ~/.ssh
# ll

3.3 A establishes a trust relationship with B

Copy the public key certificate id_rsa.pub to the .ssh subdirectory of root's home directory on machine B, renaming the file to authorized_keys. At this point you must enter the root password of machine B (no trust relationship has been established yet). After the trust relationship between the client and the server is established, the client can copy data from the server without entering the password.

# scp -r id_rsa.pub 10.0.0.188:/root/.ssh/authorized_keys

3.4 B establishes a trust relationship with A

Perform the same operation on machine B to establish a trust relationship between B and A.

# ssh-keygen -t rsa
# cd ~/.ssh/
# ll
# scp -r id_rsa.pub 10.0.0.163:/root/.ssh/authorized_keys

4. Test

On server A:

# scp -r 10201_database_linux_x86_64.cpio 10.0.0.188:/tmp/david/

On server B:

The dual-host trust relationship has been established!

Note: If you want both B and C to be able to scp data to A without entering a password, the public keys of B and C must both be given to A.

Procedure: copy the contents of id_rsa.pub from the two machines into the /root/.ssh/authorized_keys file on A, one line per key.
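
The note above puts several machines' keys into one authorized_keys file on A, one per line, whereas the scp in 3.3 replaces the whole file. The following is an added example, not part of the original article, of a helper that appends a key without overwriting or duplicating existing entries. The function name add_authorized_key, the scratch directory, the host name C-HOST and the key strings are constructed for illustration.

```shell
# Added example: append one public key to authorized_keys, one key per line.
# usage: add_authorized_key <public-key-file> [ssh-dir]
# Run it on the machine that should accept the login (A in the note above).
add_authorized_key() {
    pub=$1
    dir=${2:-$HOME/.ssh}
    auth=$dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # A .pub file holds exactly one non-empty line; a private key or a
    # multi-key file has more and is rejected here.
    key=$(grep . "$pub") || { echo "$pub is empty" >&2; return 1; }
    [ "$(printf '%s\n' "$key" | grep -c .)" -eq 1 ] ||
        { echo "$pub is not a single public key" >&2; return 1; }
    case $key in
        ssh-*|ecdsa-*|sk-*) ;;
        *) echo "$pub does not start with a key type" >&2; return 1 ;;
    esac

    # sshd with StrictModes ignores the file if others can write to it.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # -x: match the whole line, -F: fixed string. Skip keys already present.
    if grep -qxF -- "$key" "$auth"; then
        return 0
    fi
    printf '%s\n' "$key" >> "$auth"
}

# Demo in a scratch directory with constructed strings (not real key material).
demo=$(mktemp -d)
echo 'ssh-rsa AAAAconstructedB root@CS-DEV' > "$demo/b.pub"
echo 'ssh-rsa AAAAconstructedC root@C-HOST' > "$demo/c.pub"
add_authorized_key "$demo/b.pub" "$demo/.ssh"
add_authorized_key "$demo/c.pub" "$demo/.ssh"
add_authorized_key "$demo/b.pub" "$demo/.ssh"   # repeated: no duplicate line
cat "$demo/.ssh/authorized_keys"
```
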