SSH password-free Login

Source: Internet
Author: User
Tags ssh server

SSH password-free Login

I had a hard time logging on via SSH without a password. It would be easy to use the root permission, but it is not formal. After all, I am a professional expert ~~

So there are a lot of strange problems. When we solve them, we find that they are not that troublesome.

The following is the 117 one-way, password-less connection I first made with the root user to connect to 118,119,120. This is required before building hdfs-HA-Federation + yarn.

Before setting password-free logon, you must configure the name of each ip address in your hosts to facilitate future switching and use. Change your hostname by the way, it is also possible not to change.

1. First, use the following command to generate an ssh password-free key:

[root@localhost ~]# ssh-keygen -t rsa -P ''

Press enter all the way. If you have used one, you can select yes to overwrite the previous key ~~

Generating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'.Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:ca:14:3d:fa:96:ba:41:17:c6:60:7d:dc:31:67:9e:b8 root@localhost.localdomainThe key's randomart image is:+--[ RSA 2048]----+|      o. . .o.o  ||     . +. o .* . ||      . *.  . o  ||       + o   .   ||      + S   E    ||     + + .       ||      + +        ||       +         ||      o.         |+-----------------+

2. Enter the root directory of the user. There will be a hidden. ssh folder. After entering, you will see an id_rsa.pub. This is the password-free key. Append the key to authorized_keys.

[root@localhost .ssh]# cat id_rsa.pub >> authorized_keys

You must change authorized_keys to 600. To be honest, I don't know why.

[root@localhost .ssh]# chmod 600 authorized_keys

 

3. Send the generated key to the server without a password, regardless of the method used (send the key to 118,119,120 respectively ). You can log on to the machine on which your key is assigned.

[root@localhost .ssh]# scp id_rsa.pub root@192.168.75.118:/home/id_rsa.pub

Copy the previous operation and then repeat the above operation to append the value in the passed id_rsa.pub to the generated authorized_keys (you can copy it directly to authorized_keys and set the permission to 600)

4. Under the root permission, edit the sshd_config file:

[root@localhost .ssh]# vim /etc/ssh/sshd_config

Uncomment the comments of RSAAuthentication and PubkeyAuthentication, and modify the location of the AuthorizedKeyFile (this location is relative to the location of the user to enter, rather than the location under root)

RSAAuthentication yes # enable RSA Authentication PubkeyAuthentication yes # enable public key/private key pair Authentication
# The default is to check both. ssh/authorized_keys and. ssh/authorized_keys2 # but this is overridden so installations will only check. ssh/authorized_keys
AuthorizedKeysFile. ssh/authorized_keys # public key file path (same as the file generated above)

Restart the ssh service after Configuration:

[root@localhost .ssh]# service sshd restartRedirecting to /bin/systemctl restart  sshd.service

5. Test it ~~

[root@bkjia ~]# ssh node117Last login: Tue Aug 18 07:48:58 2015[root@bkjia ~]# exitlogoutConnection to node117 closed.[root@bkjia ~]# ssh node118Last login: Tue Aug 18 07:46:59 2015 from node117[root@qiang118 ~]# exitlogoutConnection to node118 closed.[root@bkjia ~]# ssh node119Last login: Tue Aug 18 07:47:17 2015 from node117[root@localhost ~]# exitlogoutConnection to node119 closed.[root@bkjia ~]# ssh node120Last login: Tue Aug 18 07:47:39 2015 from node117[root@localhost ~]# exitlogoutConnection to node120 closed.[root@bkjia ~]#  

This is a password-free login performed by non-root users later (note that the usernames of each server should be the same, and it turns out that it will not be connected ...)

[qiang@bkjia ~]$ ssh node117Last login: Tue Aug 18 08:59:20 2015[qiang@bkjia ~]$ ssh node118Last login: Tue Aug 18 08:59:27 2015 from node117[qiang@qiang118 ~]$ exitlogoutConnection to node118 closed.[qiang@bkjia ~]$ ssh node119Last login: Tue Aug 18 08:59:40 2015 from node117[qiang@qiang119 ~]$ exitlogoutConnection to node119 closed.[qiang@bkjia ~]$ ssh node120Last login: Tue Aug 18 09:00:39 2015 from node120[qiang@qiang120 ~]$ exitlogoutConnection to node120 closed.[qiang@bkjia ~]$ 

After creating a new user, obtain the key again under the root directory of the user. This is different from the key generated under the root user ~

You may also like the following SSH-related articles. For details, refer:

Complete SSH service configuration and troubleshooting in Ubuntu

How to install Samba and SSH server in Ubuntu 14.04

SSH service remote access to Linux Server login is slow

How to Improve the SSH login authentication speed of Ubuntu

Enable the SSH service to allow Android phones to remotely access Ubuntu 14.04

How to add dual authentication for SSH in Linux

Configure the SFTP environment for non-SSH users in Linux

Configure and manage the SSH service on Linux

This article permanently updates the link address:

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.