1, the use of Ssh-keygen to generate a pair of public private keys, commands are as follows
SSH-KEYGEN-T RSA
A carriage return will allow you to enter the path and name of the public key, which is stored by default in the ~/.ssh/directory
Then enter a password to protect the private key, if you enter the password here, you will be connected to upload the public key of the machine would ask you to this password, if the password is empty, you can directly connect, no password is very unsafe, once someone copied your passphrase, Then he can log in without the password.
2. Upload the generated public key to the server you want to connect to and append its contents to a file called ~/.ssh/authorized_keys, which commands the following
Cat Public Key File | SSH user @192.168.1.9 "cat->> ~/.ssh/authorized_keys"
(Note that if the ~/.ssh folder does not exist, please create it manually)
If you do not enter a password in the first step, this can be achieved without entering a password can be landed SSH server pull, conversely, you use the SSH user @ server address, you will be prompted to enter the password of the private key, enter the correct password, you can log in, you may also direct return, you will be prompted to enter the server password.
Until now you have not implemented a real password-free login, but you can use Ssh-agent to provide the private key, commands are as follows
Eval ' ssh-agent '
Ssh-add
Here will be prompted to enter a passphrase, here entered the correct password, and then in this session to use SSH will not need to enter the password, but re-open a terminal, where the use of SSH or need to enter the password, if you want to reuse the existing ssh-agent, It can be implemented in a simple Perl script that reads as follows:
Use strict;
My $exist;
My @dirs = grep {-R $_} glob "/tmp/ssh-*";
foreach (@dirs) {
My @socks = Glob ("{$_}/agent.*");
Next unless (@socks);
foreach (@socks) {
$exist = $_;
# Check Agent
Unless (System "Ssh_auth_sock=$_ ssh-add-l >/dev/null 2>&1") {
Print "Export ssh_auth_sock=$_/n";
Exit 0;
}
}
}
if ($exist) {
System "ssh_auth_sock= $exist Ssh-add";
Print "Export ssh_auth_sock= $exist/n";
} else {
System "ssh-agent";
EXEC $;
}
Create a file with Toucth named Ssh-attach (name casually), add the above content, modify the permissions of the file, chmod 755 ssh-attact, place it in/usr/bin, and then add the following line to the. bashrc.
Eval ' Ssh-attac '
At this point, is the implementation of the password-free SSH login (of course, at least still need to enter a password (passphrase))
(Note: This article refers to http://www.jianingy.com/ssh-pass.html)
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
