[Linux study notes] how to implement remote logon or script execution without a password on a Linux host

[Linux study notes] how to remotely log on to a Linux host without a password or execute scripts to remotely execute routine O & M on a linux host, you often need to run scripts locally to execute commands on the remote host. Under normal circumstances, the system will prompt you to enter the password when logging on to the remote machine through ssh... [Linux study notes] Linux host often needs to run scripts locally to execute commands for remote hosts during routine O & M without a password. Under normal circumstances, when logging on to a remote machine through ssh, the system will prompt you to enter the password, which will affect the automatic execution of the script (because the shell script does not have the command to automatically fill the password ). In general, there are two ways to solve the problem: 1) establish an ssh trust relationship between hosts 2) use a python script to simulate the password input process of the scp command to avoid manual password loss each time. This topic describes in sequence. 1. establish an ssh trust relationship between hosts to achieve login without entering a password. assume that you need to establish a trust relationship between usr1 @ localhost and usr2 @ remote (host, user, there are three steps: 1) generate the authentication key of usr1 @ localhost [plain] [usr1 @ localhost ~] $ Ssh-keygen-t rsa Generating public/private rsa key pair. enter file in which to save the key (/home/usr1 /. ssh/id_rsa): [press Enter directly] Enter passphrase (empty for no passphrase): [to establish a password-free ssh trust relationship, press Enter! Otherwise, you must Enter the password every time you log on to the remote machine after the trust relationship is established.] Enter same passphrase again: [press Enter] Your identification has been saved in/home/usr1 /. ssh/id_rsa. your public key has been saved in/home/usr1 /. ssh/id_rsa.pub. the key fingerprint is: b4: de: 66: 2c: c1: 04: ad: 7c: 48: 7c: f7: 94: 71: 09: 85: 21 usr1 @ localhost after performing this step ~ /. In the ssh directory, you can see the id_rsa and id_rsa.pub files. The latter content is the publicauthentication key to be used later. We have specified the encryption algorithm rsa through-t RSA here. In fact, there are other encryption algorithms. for details, refer to man ssh-keygen. 2) copy the generated id_rsa.pub file to usr2 @ remote ~ /. Ssh/authorized_keys file [plain] [usr1 @ localhost ~] $ Cat ~ /. Ssh/id_rsa.pub | ssh usr2 @ remote 'cat>. ssh/authorized_keys 'usr2 @ remote's password: [enter the logon password of usr2 @ remote host here] After performing this step, check the ~ of usr2 @ remote ~ The/. ssh/authorized_keys file shows that the public key of usr1 @ localhost has been appended to the end of the file. Note that in the preceding command ~ /. When using ssh/authorized_keys to write content, you can use> for append, rather than> overwrite. The latter may clear the trust relationships that have been established with other hosts before the remote host. To avoid manual command input errors, we can use the ssh-copy-id tool to complete this step, instead of manually modifying the authorized_keys file. But the command ssh-copy-id does not appear on my machine .?? /Div> 3) after the first two steps of login verification, usr2 @ remote has added usr1 @ localhost to the trust relationship List. Therefore, when logging on to usr2 @ remote from usr1 @ localhost, no password is required. At this point, the shell script can be fully automated. Tips: to avoid entering several commands every time you establish a trust relationship between hosts, you can write the above commands. sh script. when you need to establish a trust relationship, you can directly execute the script on the host that serves as the client, which is convenient and error-prone.