No password access for Linux SSH
#如果密钥密码回车两次, the key password is empty, using SSH login does not need to enter the key password, SSH [email protected] Enter to enter 9.80, the second step to achieve the purpose. If the key has its own password, want to implement password-free login can see the third step.
The server s client C s uses the 192.168.9.22 C for the 192.168.9.80
1. Generate key pair, easy to build on C, the following actions I use root, you can also use the ordinary user
[Email protected] ~]# ssh-keygen-t DSA
Generating Public/private DSA key pair.
Enter file in which to save the key (/ROOT/.SSH/ID_DSA): ID_DSA
Enter passphrase (empty for no passphrase): #这里输入你设定的密钥密码
Enter same passphrase again: # once again enter the password, if the direct return, the password is empty.
Your public key had been saved in Id_dsa.pub.
The key fingerprint is:
4b:a1:59:b9:31:1f:bf:3d:a8:c1:c9:ba:d9:7f:39:f3 [email protected]
The key ' s Randomart image is:
+--[DSA 1024x768]----+
| |
| . |
| * . |
| + * o |
| o S. . |
| . + . + |
| . = o O. |
| + O =. |
| +.O ... +e|
+-----------------+
Note: Where ID_DSA is the private key, Id_dsa.pub is the public key, the private key is kept locally on the client, and the public key is copied to the server you want to SSH on to
2. Configure the Public key
Copy the public key to server A on C
[Email protected] ~]# cd/root/.ssh/
[email protected]. ssh]# ls
ID_DSA id_dsa.pub known_hosts
[email protected]. ssh]# SCP ~/.ssh/id_dsa.pub [email protected]:/tmp
[email protected] ' s password:
Id_dsa.pub 100% 731 0.7kb/s 00:00
[email protected]. ssh]# ssh [email protected]
[email protected] ' s password:
Last Login:fri Oct to 10:41:09 from 192.168.9.123
Cat/tmp/id_dsa.pub >> ~/.ssh/authorized_keys
[Email protected] ~]# rm-rf/tmp/id_rsa.pub
Note: You can log in a from C by using the key pair authentication.
[[Email protected] ~]# exit
Logout
Connection to 192.168.9.80 closed.
[email protected]. ssh]# ssh [email protected]
Last Login:fri Oct to 11:14:09 from 192.168.9.22
[[email protected] ~]# ifconfig #可以看到现在使用密钥验证登录到9.80, if the above key password directly to enter the password is empty, here do not need to enter the key password direct carriage.
3 Configure password-free login
If the key itself is set with a password, it can then be configured to log in without password ssh.
Execute on Client C
[[Email protected] ~]# eval ' ssh-agent '
Agent PID 11490
' is the TAB key above that key is not a single quote
And then execute
Ssh-add
Enter Passphrase FOR/ROOT/.SSH/ID_DSA: Enter the password for the key pair
Identity added:/root/.ssh/id_dsa (/ROOT/.SSH/ID_DSA)
Then you can access a with SSH without a password from C. This allows us to complete a server configuration with no password access for Linux ssh.
This article is from the IT Technology summary blog, so be sure to keep this source http://menglingqian.blog.51cto.com/8281087/1682951
Linux SSH without password access using key pair