SSH password-less logon requires the public key and private key. In Linux, ssh-keygen can be used to generate public/private key pairs. The following uses centos as an example.
There are machines A (192.168.1.155) and B (192.168.1.181 ). Now I want a to log on to B via SSH without a password.
1. Generate a public/private key pair on host.
[Chenlb @ A ~] $ Ssh-keygen-t rsa-p''
-P indicates the password.-P ''indicates that the password is empty, or you do not need the-p parameter. In this case, you have to press enter three times and press enter once with-P.
It generates the. Ssh directory under/home/chenlb, and id_rsa and id_rsa.pub under. Ssh.
2. Copy id_rsa.pub under machine A to machine B. In the. Ssh/authorized_keys file of machine B, I use SCP to copy.
[Chenlb @ A ~] $ SCP. Ssh/id_rsa.pub chenlb@192.168.1.181:/home/chenlb/id_rsa.pub
Chenlb@192.168.1.181's password:
Id_rsa.pub 100% 223 0.2kb/s
Because no password-free logon is available, you need to enter the password.
3. Machine B adds id_rsa.pub copied from machine A to the. Ssh/authorzied_keys file.
[Chenlb @ B ~] $ Cat id_rsa.pub>. Ssh/authorized_keys
[Chenlb @ B ~] $ Chmod 600. Ssh/authorized_keys
The authorized_keys permission is 600.
4. Machine A logs on to machine B.
[Chenlb @ A ~] $ SSH 192.168.1.181
The authenticity of host' 192. 168.1.181 (192.168.1.181) 'can't be established.
RSA key fingerprint is 00: A6: A8: 87: EB: C7: 40: 10: 39: CC: A0: EB: 50: D9: 6a: 5B.
Are you sure you want to continue connecting (Yes/No )? Yes
Warning: Permanently added '192. 168.1.181 '(RSA) to the list of known hosts.
Last login: Thu Jul 3 09:53:18 2008 from chenlb
[Chenlb @ B ~] $
When logging on for the first time, you must enter yes.
Now machine A can log on to machine B without a password.
Summary: The logon host has a private key, and the logged-on host must have a public key. This public/private key pair is generally generated on the host machine of the private key. The above is a public/private key pair using the RSA algorithm. Of course, you can also use DSA (the corresponding file is id_dsa, id_dsa.pub)
If you want a and B to log on to each other without a password, configure the same method as above.
Refer to: SSH-keygen usage
Http://blog.163.com/chen98_2006@126/blog/static/158584272007101862513886/