Linux CentOS7 Two machines with password-free login (key pair authentication)

Linux CentOS7 Two machines with password-free login (key pair authentication)

The two machines are:

Host Name: fxq-1,ip:192.168.42.181

Host name: Fxq-2, ip:192.168.42.182

W command to view information for the currently logged on user

[[email protected] ~]# w 23:59:42 up 12 min,  1 user,   load average: 0.00, 0.07, 0.11USER     TTY       from             [ email protected]   idle   jcpu   pcpu whatroot      pts/0    192.168.42.2     23:48     6.00s  0.13s  0.07s w 

[[email protected] ~]# w 00:00:18 up 12 min,  2 users,   load average: 0.00, 0.06, 0.11USER     TTY       FROM              [email protected]   idle   jcpu   pcpu whatroot      pts/0    192.168.42.2     23:48     2.00s  0.08s  0.02s wroot     pts/1     192.168.42.181   00:00    5.00s  0.07s   0.07s -bash 

WHOAMI # #查看当前登录用户 Ssh-p [email protected] # #指定端口和用户进行登录

1. Turn off SELinux (each machine is closed)

• Temporarily close SELinux

Setenforce 0 # #临时关闭SELINUX

Getenforce 0 # #查看SELINUX设置

• Permanently close SELinux

Vi/etc/selinux/conf

Change the Sixth act: selinux=disabled Save exit

on the fxq-1 machine:Ssh-keygen generating a key pair

[[email protected] ~]# ssh-keygen generating public/private rsa key  Pair. enter file in which to save the key  (/ROOT/.SSH/ID_RSA):  Enter  passphrase  (empty for no passphrase): enter same passphrase  Again: your identification has been saved in /root/.ssh/id_rsa. your public key has been saved in /root/.ssh/id_rsa.pub.the key  Fingerprint is:68:6a:c4:24:60:3d:dc:2a:cc:4b:04:58:0a:a8:3f:a9 [email protected] key ' s  RANDOMART IMAGE IS:+--[ RSA 2048]----+| bo+ .            | | =+ + .           | | * . +            | |. = =   .          | |. o.o o s        | |  .+. o           | |  . .o            | | e  .             | |                  |+------ -----------+[[email protected] ~]#

[Email protected] ~]# Ls/root/.ssh/id_rsa id_rsa.pub known_hosts[[email protected] ~]#

On the fxq-1 machine, enter the following command and follow the prompts to enter the password for the root user of fxq-2:

scp/root/.ssh/id_rsa.pub [Email Protected]:/root/.ssh/authorized_keys

This step is to write the public key of the fxq-1 machine to the Authorized_keys file of fxq-2, and if the Authorized_keys file is already in the fxq-2, then it is necessary to paste the public key contents into fxq-2 Authorized_keys file manually. Otherwise, the public key of the original other machine will be overwritten.

[[email protected] ~]# ssh-keygen generating public/private rsa key  Pair. enter file in which to save the key  (/ROOT/.SSH/ID_RSA):  Enter  passphrase  (empty for no passphrase): enter same passphrase  Again: your identification has been saved in /root/.ssh/id_rsa. your public key has been saved in /root/.ssh/id_rsa.pub.the key  Fingerprint is:68:6a:c4:24:60:3d:dc:2a:cc:4b:04:58:0a:a8:3f:a9 [email protected] key ' s  RANDOMART IMAGE IS:+--[ RSA 2048]----+| bo+ .            | | =+ + .           | | * . +            | |. = =   .          | |. o.o o s        | |  .+. o           | |  . .o            | | e  .             | |                  |+------ -----------+[[email protected] ~]# [[email protected] ~]#

[Email protected] ~]# Ls/root/.ssh/id_rsa id_rsa.pub known_hosts[[email protected] ~]#

On the Fxq-2 machine, enter the following command and follow the prompts to enter the password for the root user of fxq-1:

scp/root/.ssh/id_rsa.pub [Email Protected]:/root/.ssh/authorized_keys

This step is to write the public key of the fxq-2 machine to the Authorized_keys file of fxq-1, and if the Authorized_keys file is already in the fxq-1, then it is necessary to paste the public key contents into fxq-1 Authorized_keys file manually. Otherwise, the public key of the original other machine will be overwritten.

After completion can be tested on the fxq-1, without entering the password to be able to login Fxq-2 success:

[[email protected] ~]# ssh 192.168.42.182Last login:thu 3 17:28:57 2017[[email protected] ~]#

This article is from the "Feng Xiaoqing blog" blog, make sure to keep this source http://fengyunshan911.blog.51cto.com/995251/1953514

Linux CentOS7 Two machines are free to enter passwords between each other (key pair authentication)