Ssh password-less logon authority guide, ssh Password Logon Guide
[0] PrefaceBecause ssh implements password-free login, the general steps are as follows:
- 0.1)The client logs on to the server through ssh;
- 0.2)Server checks the. ssh file in the home directory, and sends the public key file authorized_keys to the client;
- 0.3)The client receives the public key file from the server, parses it with its own private key file, and calculates the new public key file C;
- 0.4)The server segment receives the client's public key file C and matches it with its own public key file (it has its own matching algorithm, you don't care). If the matching succeeds, the client successfully logs on to the server;
- (Attention ):
Here, we have to say that the process of establishing an ssh password-free login is really complicated. Therefore, ssh requires strict access to the configuration file. If you are a friend, you will not be able to establish password-free login Based on the access permissions set in this article, the consequence is at your own risk (Here we only want to emphasize that ssh requires strict access to the configuration file! (Just because the access permission to your configuration file is not completely correct, ssh has never been able to achieve normal password-free login, which is very effort-consuming)
[1] Install ssh
server installation :sudo yum -y install openssh.i686client installation: sudo yum -y install openssh-clients
[2] My task: hadoop @ hadoop0 (Client) password-free login to hadoop @ hadoop1 (Server)
- 2.1) generate the private key and public key for creating ssh (client operation)
- Attention)
- A1)~ /. Ssh/the directory must have 700 permissions!
A2)The archive permission of id_rsa should be paid special attention! He must be-rw ---! Otherwise, in the future key comparison process, it may be determined as dangerous and fail to use the public/private key pair file mechanism to bring it online.
(However, by default, all created files meet the preceding requirements)
2.2) create a. ssh folder in the home directory of the server and set the access permission to 700 (server operation)
2.3) Upload the client's public key file data to the server (client operation)
- 2.4) change the public key file name under the. ssh folder of the server to authorized_keys, and change the access permission to 600 or 644 (server operation)
- 2.5) client login to the server without Password
Copyright Disclaimer: This article is an original article by the blogger and cannot be reproduced without the permission of the blogger.