SSH password-free Login

Source: Internet
Author: User

SSH password-less logon requires the public key and private key. In Linux, ssh-keygen can be used to generate public/private key pairs. The following uses centos as an example.

There are machines A (192.168.1.155) and B (192.168.1.181 ). Now I want a to log on to B via SSH without a password.

1. Generate a public/private key pair on host.

[Chenlb @ A ~] $ Ssh-keygen-t rsa-p''

-P indicates the password.-P ''indicates that the password is empty, or you do not need the-p parameter. In this case, you have to press enter three times and press enter once with-P.
It generates the. Ssh directory under/home/chenlb, and id_rsa and id_rsa.pub under. Ssh.

2. Copy id_rsa.pub under machine A to machine B. In the. Ssh/authorized_keys file of machine B, I use SCP to copy.

[Chenlb @ A ~] $ SCP. Ssh/id_rsa.pub chenlb@192.168.1.181:/home/chenlb/id_rsa.pub
Chenlb@192.168.1.181's password:
Id_rsa.pub 100% 223 0.2kb/s

Because no password-free logon is available, you need to enter the password.

3. Machine B adds id_rsa.pub copied from machine A to the. Ssh/authorzied_keys file.

[Chenlb @ B ~] $ Cat id_rsa.pub>. Ssh/authorized_keys
[Chenlb @ B ~] $ Chmod 600. Ssh/authorized_keys

The authorized_keys permission is 600.

4. Machine A logs on to machine B.

[Chenlb @ A ~] $ SSH 192.168.1.181
The authenticity of host' 192. 168.1.181 (192.168.1.181) 'can't be established.
RSA key fingerprint is 00: A6: A8: 87: EB: C7: 40: 10: 39: CC: A0: EB: 50: D9: 6a: 5B.
Are you sure you want to continue connecting (Yes/No )? Yes
Warning: Permanently added '192. 168.1.181 '(RSA) to the list of known hosts.
Last login: Thu Jul 3 09:53:18 2008 from chenlb
[Chenlb @ B ~] $

When logging on for the first time, you must enter yes.

Now machine A can log on to machine B without a password.

Summary: The logon host has a private key, and the logged-on host must have a public key. This public/private key pair is generally generated on the host machine of the private key. The above is a public/private key pair using the RSA algorithm. Of course, you can also use DSA (the corresponding file is id_dsa, id_dsa.pub)

If you want a and B to log on to each other without a password, configure the same method as above.

Refer to: SSH-keygen usage

Http://blog.163.com/chen98_2006@126/blog/static/158584272007101862513886/

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.