Shulou(Shulou.com)06/02 Report--

SSH password-free login

What is SSH?

Secret key-based security authentication means that you need to rely on the secret key, that is, a pair of key pairs must be established in advance, and then the public key (Public key) is placed on the target server that needs to be accessed.

You also need to put the private key (Private key) on the client of the SSH or the corresponding client server.

Introduction of experimental environment

Testtest-A 192.168.133.136 Central Distributor

Ceshi-B 192.168.133.128 receiver Node Server

Yueliang-C 192.168.133.130 receiving Node Server

Experimental demand

A-> B

A-> C

Configure the SSH lab environment

Many companies operate directly with root users, which is very irregular.

First, add the same system account on each of the three machines, and set the password

Useradd yuci

Echo "zhaoboyang" | passwd-- stdin yuci

Id yuci

Switch the current user of the three machines to yuci

Su-yuci

Operate only on A to create a key pair

Switch to the user yuci you just created to operate

Execute the following command and enter by default all the way.

Ssh-keygen-t dsa

View the file you just created in the home directory

Ll .ssh /

View the port of ssh on B (root permission is required to view the port)

Ssh is the default port 22

Netstat-tlunp | grep ssh

Pass the public key to B

Ssh port is the default connection mode of 22

Ssh-copy-id-I. ssh / id_dsa.pub yuci@192.168.133.128

If the connection mode of the ssh port is 52113

Ssh-copy-id-I id_dsa.pub "- p 52113 yuci@192.168.133.128"

As before, look at the port on C and pass the public key to C on A.

Ssh-copy-id-I. ssh / id_dsa.pub yuci@192.168.133.130

Note: ssh-copy-id is not a command, but a script

Check the public key you just received on B / C, and the name has changed.

Ls .ssh /

Connect to B on An and connect remotely without a password

Ssh yuci@192.168.133.128

Connect C on An and connect remotely without a password

Ssh yuci@192.168.133.130

To distribute files in bulk

First, create an a.txt file on A, and then send it to B / C through scp under the home directory of the two machines:

Echo 123 > a.txt

Push the files to the home directory and view them to the two machines respectively, and distribute the files successfully.

Scp a.txt yuci@192.168.133.128:~

Scp a.txt yuci@192.168.133.130:~

If distributing files is slow, you need to make the following changes

Solution: (both operate on the server side that needs to be connected)

1. On the ssh server, change the configuration in the / etc/ssh/sshd_config file to the following

UseDNS no

GSSAPIAuthentication no

Just restart the service / etc/init.d/sshd restart

two。 If it is still slow, you can check whether the hostname corresponding to 127.0.0.1 is the same as the result of uname-n in the / etc/hosts file, or add hostname (uname-n) to / etc/hosts.

Commands can also be executed remotely through ssh mutual trust.

Ssh yuci@192.168.100.140 / sbin/ifconfig eth0

[yuci@taiyang ~] $ssh yuci@192.168.100.140 / sbin/ifconfig eth0eth0 Link encap:Ethernet HWaddr 00:0C:29:83:45:A4 inet addr:192.168.100.140 Bcast:192.168.100.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe83:45a4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:7137 errors:0 dropped : 0 overruns:0 frame:0 TX packets:5025 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:6365176 (6.0 MiB) TX bytes:473704 (462.6 KiB)

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.