SSH password-free login access via Ssh-keygen and Ssh-copy-id commands under Linux

Source: Internet
Author: User

Always want to transfer their server SSH authentication mode from user name password mode to RSA and DSA authentication protocol, through the release of OpenSSH 4.2, today wrote a configuration process and collected some reference articles on RSA and DSA.

Idea Finishing:
Has not understood the authentication process in the public key mode, here summarizes the method of making and placing the public key and the secret key. The following assumptions are given as an example of server servers and a single PC.
First, the public keys and keys are not generated on the server. Because many articles about RSA and DSA authentication protocols use Linux servers as props, and naturally use commands such as ssh-keygen-t RSA, which makes me always mistakenly think that I have to first make a public key and a secret key on a Linux server. The real placement method is:
When connecting to the server from a PC, you need to save a pair of keys and keys on your PC (this pair of keys and keys can be generated using tools such as penguinet), and simply upload the generated public key to the server. And often on the server, the public key is placed in the ~/.ssh/authorized_keys file. The settings for this file can be found in /etc/ssh/sshd_config .

Authorizedkeysfile. Ssh/authorized_keys
Then when connecting from one Linux client server to another Linux Server, we should generate a couple of keys on the Linux client server (RSA defaults to Id_rsa and, saved in ~/.ssh /, this setting can be set in /etc/sshd/ssh_config :

# Identityfile ~/.ssh/identity
# Identityfile ~/.ssh/id_rsa
# Identityfile ~/.SSH/ID_DSA
This allows us to better understand the differences between the Ssh_config (client) and the Sshd_config (server side).

Using Ssky-keygen and Ssh-copy-id in the example below, you can log in to a remote Linux host with a simple setup of 3 steps without entering a password.
1. Execute ssh-keygen–t RSA command in client machine to generate SSH public key and SSH private key
2. Execute ssh-copy-id-i. ssh/id_rsa_pub [email protected] on the client machine to copy the local host's public key to the Authorized_keys file on the remote host, Ssh-copy-id The User home directory (home) and ~/.ssh, and ~/.ssh/authorized_keys for the remote host are also set to the appropriate permissions.
3. Client machine test via ssh-v [email protected] No password login server,-V can debug the entire process, can be adjusted wrong.

The problem that appears in 1:

Ssh-copy-id:/usr/bin/ssh-copy-id:error:no identities found


$ Ssh-copy-id Remote-machine

Public key, the private key has been generated and the following error occurred executing the above command:

/usr/bin/ssh-copy-id:error:no identities found

G's discovery lacks a public key path, which can be added by-I:

$ ssh-copy-id-i ~/.ssh/ [email protected]_IP

The problem that appears in 2:

Ssh-keygen produces Id_rsa,, has been placed in the correct position (. ssh), but the following information appears:
Agent admitted failure to sign using the key
On your own client, running Ssh-add, the following message appears:
Identity added:/home/user/.ssh/id_rsa (/HOME/USER/.SSH/ID_RSA)
It's normal to be in the joint again.

SSH password-free login access via Ssh-keygen and Ssh-copy-id commands under Linux

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.