ssh-keygen generates a public and private key pair.
ssh-copy-id copies the local public key to the remote machine's authorized_keys file. ssh-copy-id also sets the appropriate permissions on the remote machine's home directory, ~/.ssh, and ~/.ssh/authorized_keys.
Step one: use ssh-keygen on the local machine to generate the public/private key pair
- [email protected]$ [Note: you are on local-host here]
- [email protected]$ ssh-keygen
- Generating public/private rsa key pair.
- Enter file in which to save the key (/home/jsmith/.ssh/id_rsa): [Press enter key]
- Enter passphrase (empty for no passphrase): [Press enter key]
- Enter same passphrase again: [Press enter key]
- Your identification has been saved in /home/jsmith/.ssh/id_rsa.
- Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
- The key fingerprint is:
- 33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9 [email protected]
Step two: use ssh-copy-id to copy the public key to the remote machine
- [email protected]$ ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
- [email protected]'s password:
- Now try logging into the machine, with "ssh 'remote-host'", and check in:
- .ssh/authorized_keys
- to make sure we haven't added extra keys that you weren't expecting.
Note: ssh-copy-id writes the key to the ~/.ssh/authorized_keys file on the remote machine.
Step three: log in to the remote machine without entering a password
- [email protected]$ ssh remote-host
- Last login: sun-17:22:33 from 192.168.1.2
- [Note: ssh did not ask for password.]
- [email protected]$ [Note: you are on remote-host here]
Problems:
- ssh-copy-id -u eucalyptus -i ~eucalyptus/.ssh/id_rsa.pub [email protected]_host
The above gives the eucalyptus user the ability to log in without a password.
[1]
- /usr/bin/ssh-copy-id: ERROR: No identities found
With option -i, when no value is passed or if the ~/.ssh/identity.pub file is inaccessible (not present), ssh-copy-id displays the above error message (the -i option takes precedence over the keys listed by ssh-add -L). Loading the key into ssh-agent first avoids the error:
- [email protected]$ ssh-agent $SHELL
- [email protected]$ ssh-add -L
- The agent has no identities.
- [email protected]$ ssh-add
- Identity added: /home/jsmith/.ssh/id_rsa (/home/jsmith/.ssh/id_rsa)
- [email protected]$ ssh-add -L
- ssh-rsa AAAAB3NZAC1YC2EAAAABIWAAAQEASJIEILXFTJ8ASXMA3D8T6JVM79DYBV
- ahrtphtypq7kiemunzapnyxshph1tq/ow== /home/jsmith/.ssh/id_rsa
- [email protected]$ ssh-copy-id -i remote-host
- [email protected]'s password:
- Now try logging into the machine, with "ssh 'remote-host'", and check in:
- .ssh/authorized_keys
- to make sure we haven't added extra keys that you weren't expecting.
- [Note: this has added the key displayed by ssh-add -L]
[2] Three small things to note about ssh-copy-id
- Default public key: ssh-copy-id uses ~/.ssh/identity.pub as the default public key file (i.e. if no value is passed to option -i). Instead, I wish it used id_dsa.pub, or id_rsa.pub, or identity.pub as default keys, i.e. if any one of them exists, it should copy that one to the remote-host. If two or three of them exist, it should copy identity.pub as default.
- The agent has no identities: when the ssh-agent is running and ssh-add -L returns "The agent has no identities" (i.e. no keys are added to the ssh-agent), ssh-copy-id will still copy the message "The agent has no identities" to the remote-host's authorized_keys entry.
- Duplicate entry in authorized_keys: I wish ssh-copy-id validated duplicate entries on the remote-host's authorized_keys. If you execute ssh-copy-id multiple times on the local-host, it will keep appending the same key to the remote-host's authorized_keys file without checking for duplicates. Even with duplicate entries everything works as expected. But I would like to keep my authorized_keys file clutter free.
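A check for the last two points above (the stray agent message and duplicate entries), as an added example that is not part of the original article: a POSIX shell function, under the hypothetical name audit_authorized_keys, that scans an authorized_keys file for repeated key blobs and for lines that contain no public key. The sample file, its key blobs and its comments are constructed for illustration.

```shell
#!/bin/sh
# audit_authorized_keys FILE  (hypothetical helper, not part of OpenSSH)
# Prints one finding per line:
#   DUPLICATE <line> <first-line> <keytype>   key blob already seen earlier
#   NOTKEY <line> <text>                      non-comment line with no public key
# Exit status: 0 clean, 1 findings, 2 file unreadable.
audit_authorized_keys() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }   # sshd ignores comments and blank lines
    {
        blob = ""
        # Options (from=, command=, ...) may precede the key type, so scan
        # for the first "<keytype> <base64>" pair instead of assuming $1/$2.
        for (i = 1; i < NF; i++) {
            if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp(256|384|521)|sk-[a-z0-9-]+@openssh\.com)$/ &&
                $(i + 1) ~ "^AAAA[A-Za-z0-9+/]+=*$") {
                type = $i; blob = $(i + 1); break
            }
        }
        if (blob == "") { printf "NOTKEY %d %s\n", NR, $0; bad = 1; next }
        # Compare the blob only: the same key with a different comment is
        # still a duplicate.
        if (blob in seen) { printf "DUPLICATE %d %d %s\n", NR, seen[blob], type; bad = 1 }
        else seen[blob] = NR
    }
    END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample: the same key appended twice by repeated ssh-copy-id runs,
# plus the stray agent message. Key blobs are fake placeholders.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# deployed with ssh-copy-id
ssh-rsa AAAAB3NzaC1yc2EAAAAconstructedKEY1== jsmith@local-host
The agent has no identities.
ssh-rsa AAAAB3NzaC1yc2EAAAAconstructedKEY1== jsmith@local-host
from="192.168.1.2" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAconstructedKEY2 backup
EOF
audit_authorized_keys "$sample" || echo "findings above: review $sample"
```

On the remote machine, run it as `audit_authorized_keys ~/.ssh/authorized_keys`; a non-zero exit status means the file needs cleaning up.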
[Go] Three-step configuration of password-free login on a Linux server