One, one-way
SSH-KEYGEN-T RSA
One-way no password access remote server operation is relatively simple, such as Server A requires no password to access server B (a–>b), then only need to generate a key pair in Server A, Upload the generated public key to the. SSH directory in the relevant user directory of Server B (not manually created, note that its directory permissions are 700), and change the public key file name to Authorized_keys (note that the permissions for this file should be 644), Please note that the permissions of the. SSH directory and the Authorized_keys file do not match, which invalidates the configuration.
Two, two-way
Add the contents of this machine's id_rsa.pub file to the other's Authorized_keys file.
Third, the problems encountered
Sometimes the steps are set up, SSH is still prompted to enter a password, you can use SSH ip-v to track, or in the file/var/log/secure to view the corresponding log.
For example, I set SSH password-free connection to the route host, still prompt for a password, after viewing the secure log, found the following information:
Mar 6 14:00:11 Route sshd[10353]: Authentication Refused:bad ownership or modes for DIRECTORY/HOME/TIANYC
Mar 6 14:01:06 Route sshd[10354]: Connection closed by 10.1.1.1
Mar 6 14:01:42 Route Su:pam_unix (su:session): Session opened for user root by root (uid=201301)
View this directory permissions, is set to 777, modified to 755 is normal:
[Email protected]/]# CD home/
[email protected] home]# LL
Total Dosage 108
Drwxr-xr-x. 2 root root 4096 January 23:52 LVs
Drwxrwxrwx. 6 Tianyc NEU 4096 March 6 10:57 Tianyc
DRWX------. 3 Wensong wensong 4096 January 17:24 Wensong
[Email protected] home]# chmod 755 tianyc
[email protected] home]# LL
Total Dosage 108
Drwxr-xr-x. 2 root root 4096 January 23:52 LVs
Drwxr-xr-x. 6 Tianyc NEU 4096 March 6 10:57 Tianyc
DRWX------. 3 Wensong wensong 4096 January 17:24 Wensong
[[Email protected] home]# exit
Exit
[[email protected]/]$ SSH route
Last login:wed Mar 6 11:14:29 from Route
[Email protected] ~]$
SCP Free Password transfer file