Remote login/password-free logon-ssh,ssh-keygen,ssh-copy-id for Linux commands

SSH is a secure channel protocol that is used primarily for remote logins. In the Rhel 5 system, the OPENSSH server is provided by software packages such as OpenSSH, Openssh-server, which are installed by default, and the sshd is added as a standard system service. Use the following methods:

$ SSH Host

$ ssh Username@host

$ ssh-p 222 Username@host

-P: Specifies the access port; If this argument is omitted, the default port of SSH service is accessed by default 22;

If you are logged on to the other host for the first time, a prompt appears:

The authenticity of host ' host (192.168.0.21) ' can ' t be established.

RSA key fingerprint is 98:2e:d7:e0:de:9f:ac:67:28:c2:42:2d:37:16:58:4d.

Are you sure your want to continue connecting (yes/no)?

This passage is to say, cannot confirm host hosts authenticity, only know its public key fingerprint, ask you still want to continue to connect?

After you enter Yes, a prompt appears indicating that host hosts have been recognized.

warning:permanently added ' host,192.168.0.21 ' (RSA) to the list of known hosts.

Then ask for the secret:

$ Password: (enter Password)

At this point, if the secret is correct, you can log in.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

In the trust environment, if each remote login, you have to enter a password, feel too wasted time, especially the password is very complex, maintenance of the server more than the case.

So there is a normal need: you do not have to enter a password to achieve remote logins.

The implementation steps are as follows:

1, local generation of a pair of secret key files (public and private key);

$ ssh-keygen

#以上命令等价于 ssh-keygen-t RSA

#-t: Specifies the type of key, which defaults to the RSA type of SSH-2;

After you run the above command, a series of prompts will appear, and you can return all the way. specifically , one of the issues is whether you want to set a password for the private key (passphrase), and if you are concerned about the security of the private key, you can set one. After the run is completed, the ~/.ssh/directory will be reborn into two files:id_rsa.pub and id_rsa. The former public key, the latter is the private key.

2, the public key will be transmitted to the remote host hosts;

$ Ssh-copy-id User@host

After two steps, you can achieve a remote login without a password (the host saves the user's public key in the ~/.ssh/authorized_keys file).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Problems:

1, to generate the key and upload to the remote host, still unable to implement password-free login?

Open the remote host's/etc/ssh/sshd_config this file, and uncomment the following lines.

#RSAAuthentication =yes

#PubkeyAuthentication =yes

#AuthorizedKeysFile =.ssh/authorized_keys

Then, restart the SSH service for the remote host.

#ubuntu系统

$ Service SSH Restart

#debian系统

$/etc/init.d/ssh Restart

2. When executing the Ssh-copy-id command, the SSH service port of the remote server is not 22, as follows:

$ Ssh-copy-id Nameb@machineb

Ssh:connect to host Machineb Port 22:connection refused

The following command is used:

$ ssh-copy-id "-p 22000 Nameb@machineb"