================================= Reference materials of the same level:
Linux-Private Key LoginHttp://mengsir.blog.51cto.com/2992083/908342
To write a shell, you must remotely execute the shell command. Login-free principle:
======================================
- first, describe the processing mechanism:
- 1. Asymmetric keys are a pair of key-public keys and private keys.
- 2. The private key is held by no one in the system and is generally stored in your computer or USB flash drive.
- 3. The public key is transmitted over the network, that is, it can be passed to the other party in the communication, which means it can be intercepted by hackers.
- 4. data encrypted with a personal private key can only be decrypted with that individual's public key. Similarly, data encrypted with the public key can only be decrypted with the private key.
-
- the general process of our application in information processing can be as follows:
- assume that we have two message providers, A and B
- 1. If a wants B to send a message, first obtain or pass B to a B's public key.
- 2. Then, a encrypts the message with the public key of B and passes it to B.
- 3. B uses its own private key to decrypt the message to obtain the plaintext.
1. Asymmetric keys are a pair of key-public keys and private keys. 2. the private key is held by no one in the system. It is generally stored in your computer or USB flash drive. 3. The public key is transmitted over the network, that is, it can be passed to the other party in the communication, that is, it can be intercepted by hackers. 4. data encrypted with a personal private key can only be decrypted with that individual's public key. Similarly, data encrypted with the public key can only be decrypted with the private key. In this way, the general process of our application in information processing can be as follows: Suppose we have two message providers A and B 1. A wants B to send a message. First, B gets or passes the public key to B. 2. Then, a encrypts the message with the public key of B and passes it to B. 3. B. Use your private key to decrypt the message to obtain the plaintext.
From: http://blog.163.com/hbu_lijian/blog/static/126129153200910333623799/
The public key and private key (I am illiterate, and I used to read Yao before the key word. This is a multi-tone word. Here I should read Yue) are displayed in pairs. Once any change is made, the verification will fail.
1. login-free implementation:
In the following example, ssky-keygen and SSH-copy-ID can be used to log on to a remote Linux host without a password. Ssh-keygen creates the public key and key. Ssh-copy-ID copies the public key of the local host to the authorized_keys file of the remote host. The SSH-copy-ID will also be sent to the user home directory (home) and ~ of the remote host ~ /. Ssh, and ~ /. Ssh/authorized_keys.
Step 1: Use SSH-key-Gen to create a public key and a key on the local host
Ligh @ local - Host $ SSH - Keygen - T RSA enter File
In Which to save the key ( / Home / Jsmith / . SSH / Id_rsa) : [Enter key] Enter passphrase (empty
For No passphrase) : [Press ENTER key] Enter same passphrase again : [PESS enter key] Your identification has been saved
In / Home / Jsmith / . SSH / Id_rsa. Your public key has been saved
In / Home / Jsmith / . SSH / Id_rsa.pub. The key fingerprint is : 33 : B3 : Fe : AF : 95 : 95 : 18 : 11 : 31 : D5 : De : 96 : 2f : F2 : 35 : F9 ligh @ local - Host
Step 2: Use SSH-copy-ID to copy the public key to the remote host.
Ligh @ local - Host $ SSH - Copy - ID - I ~ / . SSH / Id_rsa.pub root @ 192 . 168 . 0 . 3 Ligh @ remote - Host's password : Now try logging into the machine, with-ssh ? Remote - Host '‖, And Check
In : . SSH / Authorized_keys to make sure we haven't added extra keys that You weren' t expecting.
[Note: The Ssh-copy-ID appends the key to. Ssh/authorized_key of the remote host.]
Step 3: log on to the remote host directly
Ligh @ local - Host $ SSH remote - Host last login : Sun Nov 16 17 : 22 : 33 2008 From 192 . 168 . 1 . 2
[Note: SSH does not ask for the password.] ligh @ remote-host $ [Note: You have logged on to the remote host now]
2. logon Failure and public key failure
Ssh-copy-ID was not used to copy the public key to a remote machine. Instead, it was copied using SCP and then manually added to authorized_keys.
But one day this approach suddenly becomes ineffective... No reason is found. Later, the key was regenerated and the problem was solved by using SSH-copy-id.
Note that the public key must be re-copied on the login-free Server Load balancer client that was previously set after the key is regenerated.