Home > Developer > Linux

Password-free login under Linux (Super verbose)

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Generate key under 1.Linux

Ssh-keygen's command manual, through the "Man Ssh-keygen" command:

by command "ssh-keygen-t RSA"

A ". SSH" folder will be generated at the user's root directory after the build

Entering ". SSH" will generate the following files

Authorized_keys: The public key that stores the remote password-free login, which records the public key of multiple machines mainly through this file.

ID_RSA: Generated private key file

Id_rsa.pub: Generated Public key file

Know_hosts: List of known host public keys

If you want the SSH public key to take effect, at least two of the following conditions will be met:

1). The SSH directory must have permissions of 700

2). The. ssh/authorized_keys file permission must be 600

2. Remote password-free login

Schematic diagram:

The following methods are commonly used:

   2.1 By way of Ssh-copy-id

Command: Ssh-copy-id-i ~/.ssh/id_rsa.put <romte_ip>

Example:

?
1234567891011 [[email protected]test .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.91.135 [email protected]‘s password: Now try logging into the machine, with "ssh ‘192.168.91.135‘", and check in:.ssh/authorized_keysto make sure we haven‘t added extra keys that you weren‘t expecting.[[email protected]test .ssh]# ssh [email protected]Last login: Mon Oct 10 01:25:49 2016 from 192.168.91.133[[email protected] ~]#

Common errors:

[Email protected] ~]# ssh-copy-id-i ~/.ssh/id_rsa.pub 192.168.91.135

-bash:ssh-copy-id:command not found//prompt command does not exist

Workaround: Yum-y Install openssh-clients

2.2 Writing content to each other's files via SCP

Command: scp-p ~/.ssh/id_rsa.pub [Email Protected]<remote_ip>:/root/.ssh/authorized_keys

Example:

?
123456789 [[email protected]test .ssh]# scp -p ~/.ssh/id_rsa.pub [email protected]:/root/.ssh/authorized_keys[email protected]‘s password: id_rsa.pub 100% 408 0.4KB/s 00:00 [[email protected]test .ssh]# [[email protected]test .ssh]# [[email protected]test .ssh]# [[email protected]test .ssh]# ssh [email protected]Last login: Mon Oct 10 01:27:02 2016 from 192.168.91.133[[email protected] ~]#

      It can also be divided into two steps:

$ SCP ~/.ssh/id_rsa.pub [email protected]<remote_ip>:p ub_key//Copy files to a remote server
$ cat ~/pub_key >>~/.ssh/authorized_keys//Append the content to the Authorized_keys file, but log on to the remote server to execute the command

    2.3 Bulk-free through ansible

2.3.1 will need to do a secret-free operation of the machine hosts to add to the/etc/ansible/hosts:

[Avoid Close]
192.168.91.132
192.168.91.133
192.168.91.134

2.3.2 Execution of commands for free-secret operation

Ansible <groupname>-M authorized_key-a "User=root key= ' {{lookup (' file ', '/root/.ssh/id_rsa.pub ')}} '"-K

Example:

?
1234567891011121314 [[email protected]test sshpass-1.05]# ansible test -m authorized_key -a "user=root key=‘{{ lookup(‘file‘,‘/root/.ssh/id_rsa.pub‘) }}‘" -k  SSH password: ----->输入密码  192.168.91.135 | success >> {  "changed": true,   "key": "ssh-rsa    AAAAB3NzaC1yc2EAAAABIwAAAQEArZI4kxlYuw7j1nt5ueIpTPWfGBJoZ8Mb02OJHR8yGW7A3izwT3/uhkK7RkaGavBbAlprp5bxp3i0TyNxa/apBQG5NiqhYO8YCuiGYGsQAGwZCBlNLF3gq1/18B6FV5moE/8yTbFA4dBQahdtVP PejLlSAbb5ZoGK8AtLlcRq49IENoXB99tnFVn3gMM0aX24ido1ZF9RfRWzfYF7bVsLsrIiMPmVNe5KaGL9kZ0svzoZ708yjWQQCEYWp0m+sODbtGPC34HMGAHjFlsC/SJffLuT/ug/hhCJUYeExHIkJF8OyvfC6DeF7ArI6zdKER7D8M0SM  WQmpKUltj2nltuv3w== [email protected]",   "key_options": null,   "keyfile": "/root/.ssh/authorized_keys",   "manage_dir": true,   "path": null,   "state": "present",   "unique": false,   "user": "root"  }  [[email protected]test sshpass-1.05]#

2.4 How to manually copy and paste

Copy the contents of the local id_rsa.pub file to the remote server's ~/.ssh/authorized_keys file

The above is a small part of the introduction of the Linux implementation of password-free login, I hope that we have some help, if you have any questions please give me a message, small series will promptly reply to you. Thank you very much for the support of the Scripting House website!

Original link: http://www.cnblogs.com/LuisYang/archive/2016/10/12/5952871.html

Password-free login under Linux (Super verbose)

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More