SSH login with no password to use the public and private keys. Linux can be used to generate a public/private key pair with Ssh-keygen, below I take CentOS as an example.
There is machine A (192.168.1.155), B (192.168.1.181). Now want to a through SSH password-free login to B.
First, take the root account login as an example.
1. Generate a public/private key pair under the a machine.
-P for the password,-p ' means the empty password, you can not use the-p parameter, so that three cars to enter, with-P on a return.
The command will generate a pair of keys Id_rsa and id_rsa.pub under the/root/.ssh directory.
The RSA key for SSH is generally used:
Id_rsa private Key
Id_rsa.pub Public Key
The following command produces different types of keys
Ssh-keygen-t DSA
SSH-KEYGEN-T RSA
Ssh-keygen-t RSA1
2. Copy the/root/.ssh/id_rsa.pub under the a machine into the/root/.ssh/authorized_keys file of the B machine, first create a good/root/.ssh directory on the B machine and copy it with SCP.
Since there is no password-free login, enter the root password of machine B once.
If the Authorized_keys file is already on the B machine and there is content in it, copy the id_rsa.pub you just generated to the B machine and then use cat id_rsa.pub >>/root/.ssh/authorized_ The keys is appended to the end of the file.
In addition, you can use the following method to directly copy the newly generated id_rsa.pub to the corresponding user.
Ssh-copy-id [email protected]
You can do it. will automatically pass the public key to the owner of the server. [email protected] to log in with Root.
If the server is not port 22, specify the port:
Ssh-copy-id "-p port [email protected]"
3.Authorized_keys's authority if!!!
4.A Machine login B machine.
The first time you log in is when you want to enter Yes.
Now a machine can be no password login B machine.
Summary: Log on the machine can have a private key, the machine to be logged on to have the public key of the machine. This public/private key pair is typically generated on the private key host. Above is the RSA algorithm's public/private key pair, of course, you can also use DSA (the corresponding file is id_dsa,id_dsa.pub)
Want to let A, B machine without password mutual login, that machine is configured in the same manner as above.
The use of Ssh-keygen
Suppose A is a customer machine and B is the target machine;
To achieve the purpose:
A machine SSH login B machine does not need to enter a password;
Encryption mode RSA|DSA can be selected, the default DSA
Practice:
1. Log In a machine
2, Ssh-keygen-t [RSA|DSA], will generate a key file and a private key file id_rsa,id_rsa.pub or id_dsa,id_dsa.pub
3. Copy the. pub file to the. SSH directory of the B machine, and cat id_dsa.pub >> ~/.ssh/authorized_keys
4, finished, from a machine login B machine's target account, no longer need password;
Ssh-keygen do password verification to enable SSH to the other machine, the SCP does not use the password.
Here's how:
SSH-KEYGEN-T RSA
Then all returns, with default values.
This generates a pair of keys that are stored under the ~/.ssh of the user directory.
Test the public key into the user directory of the other machine and copy it into the ~/.ssh/authorized_keys.
Be sure that both SSH and Authorized_keys have write permissions for the user. Otherwise, validation is not valid. (Today is the problem, looking for a long time the problem), in fact, think carefully, this is done so as not to appear system vulnerabilities.
Linux uses SSH public key for password-free login to Linux
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
