Azure Linux VM Key Login

Azure Linux VMSKey LoginPrerequisites:

Two Linux virtual machines are created on Azure , and the other one is already using the "ssh-keygen-t RSA" command to create the public key.

( If you do not need to modify, directly enter two times, the default save path is "~/.ssh/")

Operation steps:

will be "~/.ssh/id_rsa.pub" This file is copied to "40.125.167.182" Server's "~/.ssh/" directory and renamed to "Authorized_keys" .

[email protected]. ssh]$ SCP id_rsa.pub [email Protected]:/home/wangruifeng/.ssh/authorized_keys

The authenticity of host ' 40.125.167.182 (40.125.167.182) ' can ' t be established.

ECDSA key fingerprint is sha256:utvm2xgmadxer1jjks33wx/ngx5izy0djl8mxxxquse.

ECDSA key fingerprint is md5:d5:3f:dd:ff:3a:dc:44:15:dd:37:fc:31:04:6a:8c:7e.

Is you sure want to continue connecting (yes/no)? Yes

warning:permanently added ' 40.125.167.182 ' (ECDSA) to the list of known hosts.

[email protected] ' s password:

Id_rsa.pub 100% 400 408.3KB/S 00:00

Modify"40.125.167.182"Server's"~/.ssh/"directory permissions are the,"~/.ssh/authorized_keys"file permissions are -.

( This is the linux security requirement, and automatic login will not take effect if the permissions are not correct.) )

using ssh connection again, key login has been implemented:

Troubleshooting:

You may also be prompted to enter a password for a workaround:

1) If an alarm appears:"Address x.x.x.x maps to localhost, but this does not map back to the address-possible break-in Attem Pt! " .

Execute the following command on the "XXXXX" ( Connect-side ) Server:

echo "Gssapiauthentication no" >> ~/.ssh/config

Execute the "vi/etc/ssh/sshd_config" command on the "XXXXX" ( connected ) Server and modify the following two entries to "No" :

"Gssapiauthentication No"

"Usedns No"

2) If an alarm appears:"Agent admitted failure to sign using the key."

Execute command:"Ssh-add" ( Add the private key to the ssh-agent cache )

if not, execute the command:"PS-AF | grep Agent "

( check if the SSH agent is on,kill the agent if it is turned on)

then execute "Ssh-agent" ( re-open an ssh proxy )

if not, continue with the command:"sudo service sshd restart" (Restart ssh services )

3) View the SELinux status by command "/usr/sbin/sestatus-v" if the "selinux status" parameter is "Enabled" ( Enabled ), turn off SELinux.

temporary shutdown method (without restarting the machine):"Setenforce 0"

Modify the profile shutdown method (requires restarting the machine): Execute the command "/etc/selinux/config"and change "selinux=enforcing" to "selinux= Disabled

4) Execute the command "Vim/etc/ssh/sshd_config" to remove the comments from the following three lines:

"Rsaauthentication yes"

"Pubkeyauthentication yes"

"Authorizedkeysfile. Ssh/authorized_keys"

SshPassword-Free login principle:

In this way you need to create a pair of keys for yourself on the client server and place the public key on the server that needs to be logged on.

When you want to connect to the server, the client requests the server to use the key for secure authentication.

After the server receives the request, it looks for your public key in the home directory of the user you requested to log on on that server,

Then compare it with the public key you sent over.

If the two keys are the same, the server encrypts the "challenge" with the public key and sends it to the client.

After the client receives a "challenge", it decrypts it with its own private key and sends it to the server.

Usage Scenarios:

1) rsync automatic backup password-free login;

2) The cluster environment needs the communication between the hosts;

3) automatically deploy the project and put the compiled War package on the correct server.

Azure Linux VM Key Login