You can set Wetty to execute command line operations without account logon.

Source: Internet
Author: User

You can set Wetty to execute command line operations without account logon.

In the previous article, we explained how to install and deploy the Wetty service in Linux. However, when you enter http: // 3000 in a browser, you also need to enter the account and password for authentication (as shown in the first line ).

However, in some application scenarios, users do not need to enter the account password for authentication, and users do not necessarily know the account password. We hope that the user can directly execute command operations.

Enter node app. js in the command line terminal and the following prompt will be displayed, listing all the options for starting the wetty service.

From these options, we can see that wetty performs terminal operations through ssh, and the -- sshauth is used to specify the ssh Authentication mode, which is password by default, indicates that the account and password are used for authentication.

There are four Ssh authentication methods: hostbased, publickey, keyboard-interactive, and password. The password is the account and password authentication method we mentioned above; The publickey is the RSA public key authentication method; the other two are temporarily ignored.

Wetty uses the password authentication method by default. We can use the -- sshauth option to specify the publickey authentication method. The ssh public key authentication mechanism is as follows:

You can store your public key on a remote host. When you log on, the remote host sends a random string to the user. After the user encrypts the string with his/her own private key, it returns the string. The remote host uses the pre-stored Public Key for decryption. If the decryption succeeds, it proves that the user is trusted. You can directly log on to the shell without requiring a password.

Then we need to open a command line terminal, and then enter

$ Ssh-keygen

To generate our public key and private key.

The public key and key generated by this command are saved in ~ by default ~ /. Ssh directory,

The id_rsa file stores the private key and the file stores the public key.

In the above ssh public key authentication mechanism, we need to talk about saving the public key to a remote machine and saving it in ~ /. Ssh/authorized_keys file. The public key is a string that can be appended to the end of the authorized_keys file. At this time, our remote machine is a local machine, so we only need ~ /. Ssh/ copy a copy and name it authorized_keys.

$ Cp ~ /. Ssh/ ~ /. Ssh/authorized_keys

Then we switch to the wetty directory and start the wetty service,

$ Node app. js-p 3000 -- sshauth = publickey

Then enter http: // 3000/in the browser. You can see that you can directly operate without entering the account and password, as shown in,

If it is too troublesome to specify the -- sshauth option during each startup, we can directly modify the source code in the app. js file. Open the app. js file. We can see that the default authentication method of sshauth specified by row 45th is password. We only need to change it to publickey.


This article permanently updates the link address:

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.