SSH login between Linux hosts without password

Source: Internet
Author: User

Server1 Host Name: CENTOS6 ip:192.168.2.105 operating system: centos6.5

Server2 Host Name: RHEL6 ip:192.168.2.110 operating system: rhel6.5


In order to achieve server1 to Server2 can achieve no password login, you can use the Ssh-keygen tool on the Server1 host to generate a pair of keys, Server1 retain the private key, the public key to the Server2 host to the corresponding user's home directory. ssh/folder, Rename to Authorized_keys

The steps are as follows:

1. Generate a key pair on Server1

[[email protected] .ssh]# ssh-keygen -t  Rsagenerating public/private rsa key pair. enter file in which to save the key  (/ROOT/.SSH/ID_RSA):Enter  passphrase  (empty for no passphrase):enter same passphrase again:your  Identification has been saved in /root/.ssh/id_rsa. your public key has been saved in /root/.ssh/id_rsa.pub.the key  Fingerprint is: 
43:5a:4c:00:e6:93:88:ef:92:87:1b:6b:ed:91:c9:33 [email  Protected]the key ' s randomart image is:+--[ rsa 2048]----+|     o....        | |  . + . o         | |.  . +   +        | |  .   . +         | |   .   . s        | |  +. o    .       | | = +e             | |  b .+            | | +&NBSP, ....              |+-----------------+ 
[[email protected]. SSH] #pwd/root/.ssh[[email protected]. SSH] #lsid_rsa id_rsa.pub

It is important to note that Enter passphrase (empty for no passphrase):
Enter same Passphrase again:

These two prompts to enter a password, must be left blank, press ENTER to skip directly, so as to avoid Server1 telnet server2 when the password.

At this time two files were generated, Id_rsa id_rsa.pub

2. Upload the public key file Id_rsa.pub to the Server2 host

[email protected]. ssh]# ssh [email protected] "cat >>/root/.ssh/authorized_keys" < Id_rsa.pub[email protected ] ' s password:

3, modify the Server2 in the sshd configuration file

[[email protected]. SSH] #vim/etc/ssh/sshd_config

Enable two items

Rsaauthentication Yes

Authorizedkeysfile. Ssh/authorized_keys

Restart the sshd service on Server2

[email protected]. ssh]/etc/init.d/sshd restart

At this time from server1 using SSH login Server2 no need to login password, if you still need a password or error, it is due to selinux reasons

[email protected]. ssh]setenforce 0 # # #立即生效

Force off SELinux

or modify the relevant configuration file

[email protected]. ssh]vim/etc/selinux/config

Modify:

selinux=disabled # # #修改配置文件重启后才可生效

At this time can realize server1 to Server2 's no password login


Note: See online said that in view of the security of the file should be two hosts of the. ssh/directory and the permissions of all files in the directory change to 600

Chmod-r. ssh/

But personally, because the. ssh/directory is located in the user's home directory, other ordinary users simply cannot CD in, so this step seems to be omitted.

This article is from the "Red Mansions Dream" blog, please be sure to keep this source http://7385845.blog.51cto.com/7375845/1531074

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.