SSH password-free Login
I had a hard time logging on via SSH without a password. It would be easy to use the root permission, but it is not formal. After all, I am a professional expert ~~
So there are a lot of strange problems. When we solve them, we find that they are not that troublesome.
The following is the 117 one-way, password-less connection I first made with the root user to connect to 118,119,120. This is required before building hdfs-HA-Federation + yarn.
Before setting password-free logon, you must configure the name of each ip address in your hosts to facilitate future switching and use. Change your hostname by the way, it is also possible not to change.
1. First, use the following command to generate an ssh password-free key:
[root@localhost ~]# ssh-keygen -t rsa -P ''
Press enter all the way. If you have used one, you can select yes to overwrite the previous key ~~
Generating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'.Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:ca:14:3d:fa:96:ba:41:17:c6:60:7d:dc:31:67:9e:b8 root@localhost.localdomainThe key's randomart image is:+--[ RSA 2048]----+| o. . .o.o || . +. o .* . || . *. . o || + o . || + S E || + + . || + + || + || o. |+-----------------+
2. Enter the root directory of the user. There will be a hidden. ssh folder. After entering, you will see an id_rsa.pub. This is the password-free key. Append the key to authorized_keys.
[root@localhost .ssh]# cat id_rsa.pub >> authorized_keys
You must change authorized_keys to 600. To be honest, I don't know why.
[root@localhost .ssh]# chmod 600 authorized_keys
3. Send the generated key to the server without a password, regardless of the method used (send the key to 118,119,120 respectively ). You can log on to the machine on which your key is assigned.
[root@localhost .ssh]# scp id_rsa.pub root@192.168.75.118:/home/id_rsa.pub
Copy the previous operation and then repeat the above operation to append the value in the passed id_rsa.pub to the generated authorized_keys (you can copy it directly to authorized_keys and set the permission to 600)
4. Under the root permission, edit the sshd_config file:
[root@localhost .ssh]# vim /etc/ssh/sshd_config
Uncomment the comments of RSAAuthentication and PubkeyAuthentication, and modify the location of the AuthorizedKeyFile (this location is relative to the location of the user to enter, rather than the location under root)
RSAAuthentication yes # enable RSA Authentication PubkeyAuthentication yes # enable public key/private key pair Authentication
# The default is to check both. ssh/authorized_keys and. ssh/authorized_keys2 # but this is overridden so installations will only check. ssh/authorized_keys
AuthorizedKeysFile. ssh/authorized_keys # public key file path (same as the file generated above)
Restart the ssh service after Configuration:
[root@localhost .ssh]# service sshd restartRedirecting to /bin/systemctl restart sshd.service
5. Test it ~~
[root@bkjia ~]# ssh node117Last login: Tue Aug 18 07:48:58 2015[root@bkjia ~]# exitlogoutConnection to node117 closed.[root@bkjia ~]# ssh node118Last login: Tue Aug 18 07:46:59 2015 from node117[root@qiang118 ~]# exitlogoutConnection to node118 closed.[root@bkjia ~]# ssh node119Last login: Tue Aug 18 07:47:17 2015 from node117[root@localhost ~]# exitlogoutConnection to node119 closed.[root@bkjia ~]# ssh node120Last login: Tue Aug 18 07:47:39 2015 from node117[root@localhost ~]# exitlogoutConnection to node120 closed.[root@bkjia ~]#
This is a password-free login performed by non-root users later (note that the usernames of each server should be the same, and it turns out that it will not be connected ...)
[qiang@bkjia ~]$ ssh node117Last login: Tue Aug 18 08:59:20 2015[qiang@bkjia ~]$ ssh node118Last login: Tue Aug 18 08:59:27 2015 from node117[qiang@qiang118 ~]$ exitlogoutConnection to node118 closed.[qiang@bkjia ~]$ ssh node119Last login: Tue Aug 18 08:59:40 2015 from node117[qiang@qiang119 ~]$ exitlogoutConnection to node119 closed.[qiang@bkjia ~]$ ssh node120Last login: Tue Aug 18 09:00:39 2015 from node120[qiang@qiang120 ~]$ exitlogoutConnection to node120 closed.[qiang@bkjia ~]$
After creating a new user, obtain the key again under the root directory of the user. This is different from the key generated under the root user ~
You may also like the following SSH-related articles. For details, refer:
Complete SSH service configuration and troubleshooting in Ubuntu
How to install Samba and SSH server in Ubuntu 14.04
SSH service remote access to Linux Server login is slow
How to Improve the SSH login authentication speed of Ubuntu
Enable the SSH service to allow Android phones to remotely access Ubuntu 14.04
How to add dual authentication for SSH in Linux
Configure the SFTP environment for non-SSH users in Linux
Configure and manage the SSH service on Linux
This article permanently updates the link address: