Password-free logon in Linux and password-free logon in Linux

Source: Internet
Author: User

Password-free logon in Linux and password-free logon in Linux
1. Generate a key in Linux

For the command manual of ssh-keygen, run the "man ssh-keygen" command:

  

Run "ssh-keygen-t rsa"

  

A ". ssh" folder is generated in the root directory of the user.

  

Entering ". ssh" will generate the following files:

  

Authorized_keys: stores the public key for remote password-free logon. This file records the public keys of multiple machines.
Id_rsa: generated private key file
Id_rsa.pub: generated public key file
Know_hosts: list of known host public keys

If you want the ssh public key to take effect, you must meet at least the following two conditions:

      1) the ssh directory permission must be 700
2). The ssh/authorized_keys File Permission must be 600

2. Remote Password-free Logon

Schematic:

    

The following methods are commonly used:

2.1 Using ssh-copy-id

Command:Ssh-copy-id-I ~ /. Ssh/id_rsa.put <romte_ip>

Example:

[Root @ test. ssh] # ssh-copy-id-I ~ /. Ssh/id_rsa.pub 192.168.91.135
Root@192.168.91.135's password:
Now try logging into the machine, with "ssh '192. 168.91.135 '", and check in:

. Ssh/authorized_keys

To make sure we haven't added extra keys that you weren't expecting.

[Root @ test. ssh] # ssh root@192.168.91.135
Last login: Mon Oct 10 01:25:49 2016 from 192.168.91.133
[Root @ localhost ~] #

Common Errors:

[Root @ test ~] # Ssh-copy-id-I ~ /. Ssh/id_rsa.pub 192.168.91.135

-Bash: ssh-copy-id: command not found // The system prompts that the command does not exist.

Solution:Yum-y install openssh-clients

 

2.2 write content to the object's file through scp

Command:Scp-p ~ /. Ssh/id_rsa.pub root @ <remote_ip>:/root/. ssh/authorized_keys

Example:

[Root @ test. ssh] # scp-p ~ /. Ssh/id_rsa.pub root@192.168.91.135:/root/. ssh/authorized_keys
Root@192.168.91.135's password:
Id_rsa.pub 100% 408 0.4KB/s
[Root @ test. ssh] #
[Root @ test. ssh] #
[Root @ test. ssh] #
[Root @ test. ssh] # ssh root@192.168.91.135
Last login: Mon Oct 10 01:27:02 2016 from 192.168.91.133

 

[Root @ localhost ~] #

 

You can also perform the following two steps:

$ Scp ~ /. Ssh/id_rsa.pub root @ <remote_ip>: pub_key // copy the file to the remote server
$ Cat ~ /Pub_key> ~ /. Ssh/authorized_keys // append the content to the authorized_keys file. However, you must log on to the remote server to execute this command.

2.3 batch password-free through Ansible

2.3.1 Add the hosts of the machine that requires password-free operations to/etc/ansible/hosts:
[Avoid close]
192.168.91.132
192.168.91.20.
192.168.91.134

2.3.2 execute commands for password-free operations

  Ansible <groupname>-m authorized_key-a "user = root key = '{lookup ('file','/root/. ssh/id_rsa.pub ')}'"-k

Example:
[Root @ test sshpass-1.05] # ansible test-m authorized_key-a "user = root key = '{lookup ('file','/root /. ssh/id_rsa.pub ')}' "-k
SSH password: -----> enter the password
192.168.91.135 | success >> {
"Changed": true,
"Key": "ssh-rsa Secure/secure/18B6FV5moE/8yTbFA4dBQahdtVP secure + sodbtgpc34hmahjflsc/SJffLuT/ug/FIG = root@localhost.localdomain ",
"Key_options": null,
"Keyfile": "/root/. ssh/authorized_keys ",
"Manage_dir": true,
"Path": null,
"State": "present ",
"Unique": false,
"User": "root"
}
[Root @ test sshpass-1.05] #

2.4 manual copy and paste

Copy the content of the local id_rsa.pub file to the remote server ~ /. Ssh/authorized_keys File

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.