Using ssh without a password to log on to ssh is a protocol designed for security of remote logon sessions and other network services. By default, ssh connections require password authentication. you can add system authentication (public key-private key) changes, after modification, switching between systems can avoid password input and ssh authentication .... Using ssh without a password to log on to ssh is a protocol designed for security of remote logon sessions and other network services. By default, ssh connections require password authentication. you can add system authentication (public key-private key) modifications. after modification, inter-system switching can avoid password input and ssh authentication. The following describes the creation process. 1. Use ssh-keygen to create a public/private key pair for ssh-keygen-tdsa-C jibo.tiger@gmail.com-f ~ /. Ssh/jibo.tiger@gmail.com process, may require a password, in order to ssh access process without a password, you can directly press Enter. 2. check the public/private key pair ls ~ /. Sshjibo.tiger@gmail.com jibo.tiger@gmail.com.pub config can find two key files under the ssh directory where the jibo.tiger@gmail.com.pub is the public key, the jibo.tiger@gmail.com is the private key 4. copy the public key to the server host scp jibo.tiger@gmail.com.pub hostname @ I :~ /. Ssh/jibo.tiger@gmail.com.pub5. add a public key to a trusted cat jibo.tiger@gmail.com.pub on the service Host> authorized_keysnot: 4, 5 steps by command ssh-copy-id one step in place ssh-copy-id-I jibo.tiger@gmail.com.pub user @ ip6. set file and directory permissions: set authorized_keys permissions $ chmod 600 authorized_keys settings. ssh directory permission $ chmod 700-R. ssh summary note 1. do not set the file and directory permissions to chmod 777. this permission is too large, insecure, and digital signature is not supported. 2. the generated rsa/dsa signature public key is used by the other machine. The public key also needs to copy authorized_keys3 and ssh hostname @ ip for access between linux systems. If no hostname is specified, the local host name is used by default. 4. a machine generates its own RSA or DSA digital signature, sends the public key to the target machine, and then sets the relevant permissions (public key and authorized_keys permissions) after receiving the request ), the target machine can be accessed without a password by the machine that generates a digital signature.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
