Jenkins Advanced series of--09 configuration Linux system ssh password-free login

full description of SSH authentication:https://www.ibm.com/developerworks/cn/linux/security/openssh/part1/

Description: Point me to check

Today we only say to generate SSH key, so as to achieve the purpose of password-free landing.

Do not know what SSH is to look at the description. All right, no more nonsense.

System: CentOS 5.8

2. Confirm User
   

   Confirm that the current user is the user you need!

   $ whoamifroad    #froad用户, select users according to your own needs. I use Froad user demo here.

4. Generate key

   $ cd ~ #回到用户目录, don't go back also no relationship $ ssh-keygen     #可以使用-t option to choose the encryption method, including RSA and DSA two keys # for example: $ssh-keygen-t DSA or ssh-keygen-t rsa# encryption in different ways , the name of the key is different, the other does not differ # If no key is specified, the default rsagenerating public/private RSA key pair.  Enter file in which to save the key (/home/froad/.ssh/id_rsa): #私钥存放的位置, default will be stored in the user directory of the. SSH folder, directly enter passphrase (empty for No passphrase): #默认, enter same passphrase again: #默认, enter your identification has been saved In/home/froad/.ssh/id_rsa. #私 Key path your Public key has been saved in/home/froad/.ssh/id_rsa.pub. #公钥路径The Key fingerprint is:e8:b6:e6:xxxxxxxxxxxxxxxxx: Ec:b5:d8 [email protected]$ cat id_***.pub >> authorized_keys    #*** for encryption means to copy the public key to the Authorized_keys file. If you have a lot of computers to configure, copy all the id_***.pub public keys to a Authorized_keys file

6. Configuration
   

   Copy the Authorized_keys file to a computer that needs to be managed. Note: Place the user directory in the. ssh folder. Linux users will limit your access rights

8. Verify

10. $ SSH [email protected] #root是用户名, can change according to your needs the authenticity of host ' 192.168.2.xxx (192.168.2.xxx) ' can ' t is established. RSA key fingerprint is ff:07:49:4d:xxxxxxxxxxe:2c:38.are do sure you want to continue connecting (yes/no)? Yes# agreed to add the fingerprint to the local warning:permanently added ' 192.168.2.xxx ' (RSA) to the list of known hosts. Last login:wed Oct 13:58:32 from 192.168.1.xxx

    You can only access Authorized_keys's computer on the computer where you generated the key, and if you want to access both computers, password-free. Then you need to repeat the above steps (the machine is configured exactly the opposite).

12. Other

If you add a fingerprint when the prompt to add the failure, because you have previously added the IP fingerprint.

Workaround: Remove the known_hosts file from the. SSH directory (⊙o⊙)! ), you can also open this file to delete the IP record (this is more fine O (∩_∩) o haha ~)

If the steps are correct, you will still be asked to enter the password. This is generally because of a permission issue. The command is as follows

chmod 644 ~/.ssh/authorized_keys

Jenkins Advanced series of--09 configuration Linux system ssh password-free login