Linux telnet ssh password free

Source: Internet
Author: User
Tags system log

Original link, thanks to the original author.

(a) Question:

If we now have two machines: ServerA and ServerB, now we want ServerA to be able to access without entering a password.

(ii) Methods and principles:

We use Ssh-keygen to generate private and public keys on ServerA, and after copying the generated public key to the remote machine ServerB, you can use the SSH command to log on to another machine ServerB without a password.

In a Linux system, SSH is the default tool for remote logins because the tool's protocol uses the RSA/DSA encryption algorithm "default is the DSR algorithm", which is very secure for remote management of Linux systems.

(iii) Experimental steps:

1. Login ServerA

2.SSH-KEYGEN-T RSA, the public and private key files will be generated Id_rsa and id_rsa.pub "If you keep going, the last two files should be under /home/$USER/.ssh "

3. Copy the. pub file to the. SSH directory of the ServerB machine and save it as a Authorized_keys

You can use:

The Ssh-cop-id command copies the specified public key file to the remote computer

[Email protected] ~]$ ssh-copy-id-i ~/.ssh/id_rsa.pub [email protected]
28
[email protected] ' s password:
Now try logging to the machine, with "ssh" [email protected] ' ", and check in:


. Ssh/authorized_keys


To make sure we haven ' t added extra keys so you weren ' t expecting.


[[email protected] ~]$ ssh [email protected]
[email protected] ' s password:
Last Login:thu-16:05:32 from 192.168.55.229
[Email protected] ~]$

4. Finished, from a machine to log on to the target account B machine, no longer need password

5. Set file and directory permissions "This step can be omitted, but for the sake of security, plus is also necessary ~"

Set Authorized_keys Permissions

chmod 644 Authorized_keys

Set the. SSH directory permissions

chmod 700-r. SSH

6. Be sure that both SSH and Authorized_keys only have write permissions for the user. Otherwise, validation is not valid. (Today is the problem, looking for a long time the problem), in fact, think carefully, this is done so as not to appear system vulnerabilities.

Error:

The authenticity of host ' 192.168.20.59 (192.168.20.59) ' can ' t be established.
RSA key fingerprint is 6a:37:c0:e1:09:a4:29:8d:68:d0:ca:21:20:94:be:18.
Is you sure want to continue connecting (yes/no)? Yes
warning:permanently added ' 192.168.20.59 ' (RSA) to the list of known hosts.
[email protected] ' s password:
Permission denied, please try again.
[email protected] ' s password:
Permission denied, please try again.
[email protected] ' s password:
Permission denied (Publickey,gssapi-with-mic,password).

If the above permission is not a problem, then hurry to see your configuration file, because someone will like to change this stuff, so you will not succeed in any way:

Open the/etc/ssh/ssh_config file and locate the following section:

# Identityfile ~/.ssh/identity
Identityfile ~/.ssh/id_rsa

Look at the name of your private key, isn't this ~/.ssh/id_rsa

Haha, still have to look at the configuration file ~ ~

If there is a Taichung control machine has been opened to the application of the host between the remote login without password, now need to get through another Taichung, the following is the script I wrote to practice this feature:

############################################ realize the control without password login ############################################

#!/bin/bash
#Author: zhuying


Scriptdir=/home/oracle/zy/changecps


For IP in ' grep-v ^# ' $scriptdir '/cps.ip '
Do
Scp/home/oracle/zy/changecps/169keys [email protected] $ip: ~/</dev/null
SSH $ip "cat ~/169keys >>/home/oracle/.ssh/authorized_keys;rm ~/169keys" </dev/null
SSH $ip "Cat/home/oracle/.ssh/authorized_keys|sort|uniq >/home/oracle/.ssh/tmp.keys" </dev/null
SSH $ip "Mv/home/oracle/.ssh/tmp.keys/home/oracle/.ssh/authorized_keys" </dev/null
SSH $ip "chmod 644/home/oracle/.ssh/authorized_keys" </dev/null
Done

########################################### realize the control without password login ##############################################

Ps:

If we add the public key, still can not access, it may be the ServerA host above a file known_hosts already exist ServerB IP information, remove the re-access.

In addition, if the above method after the attempt or not, it may be because the number of login failures are locked, this time we need to look at our system log/var/log/messages, the previous lock information log deleted.

Reference article:

Http://os.51cto.com/art/200812/101989_1.htm

Problem:

(1) Connection closed by $IP

May be more than the system default failure times, and then clean up OK ~ "Faillog-a;faillog-r"

(2) In the case of the previous steps are correct, each telnet or prompted to enter a password, this time may be a permissions issue:

chmod 644 Authorized_keys again login OK ~ "If it is red Hat 5.6, it is best to change to 600, otherwise considered unsafe ~"

1 floor Purple Ying 2012-03-28 10:51 published [Reply] [citation] [report]

Password is not entered from Windows to Linux based on the key:
Based on Xmanager Enterprise 3 implementation: Mister into key to point Tools-->user key Generation Wizard Select RSA generate key pair next then save next file to desktop
Then copy the desktop key to Linux and then cat id_rsa.pub >>~/.ssh/authorized_keys2

Linux telnet ssh password free

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.