Shulou(Shulou.com)06/01 Report--

It is believed that many inexperienced people don't know what to do about how to set up SSH secret-free login in Linux system. Therefore, this paper summarizes the causes and solutions of the problem. Through this article, I hope you can solve this problem.

Ssh is a protocol written by the IETF network team that specializes in remote login sessions and other network services to provide security. At present, most systems support SSH.

Let's log in to the serverA server using usera

[root@serverA ~] # su-usera [usera@serverA ~] $pwd / home/usera then generate a key pair on serverA

[usera@serverA] $ssh-keygen-t rsa Generating public/private rsa key pair. Enter file in which to save the key (/ home/usera/.ssh/id_rsa): Created directory'/ home/usera/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in / home/usera/.ssh/id_rsa. Your public key has been saved in / home/usera/.ssh/id_rsa.pub. The key fingerprint is: 39:f2:fc:70:ef:e9:bd:05:40:6e:64:b0:99:56:6e:01 usera@serverA The key's randomart image is: +-- [RSA 2048]-+ | Eo* | | @. | | = * | | o o. | |. S. | | +. . | | +. . | | +. O. | | .o = o. | +-+ |

A key pair is generated in the / home/usera/.ssh directory

[usera@serverA] $ls-la. Ssh total dosage 16 drwx- 2 usera usera 4096 August 24 09:22. Drwxrwx--- 12 usera usera 4096 August 24 09:22.. -rw- 1 usera usera 1675 August 24 09:22 id_rsa-rw-r--r-- 1 usera usera 399 August 24 09:22 id_rsa.pub then upload the public key to the serverB server and log in as userb

[usera@portalweb1] $ssh-copy-id userb@10.124.84.20 The authenticity of host '10.124.84.20 (10.124.84.20)' can't be established. RSA key fingerprint is f0:1c:05:40:d3:71:31:61:b6:ad:7c:c2:f0:85:3c:cf. Are you sure you want to continue connecting (yes/no)? Yes Warning: Permanently added '10.124.84.20' (RSA) to the list of known hosts. Userb@10.124.84.29's password: Now try logging into the machine, with "ssh 'userb@10.124.84.20'", and check in: .ssh / authorized_keys to make sure we haven't added extra keys that you weren't expecting.

At this time, the contents of usera's public key file will be appended to the .ssh / authorized_keys file of userb.

[usera@serverA ~] $cat .ssh / id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2dpxfvifkpswsbusPCUWReD/mfTWpDEErHLWAxnixGiXLvHuS9QNavepZoCvpbZWHade88KLPkr5XEv6M5RscHXxmxJ1IE5vBLrrS0NDJf8AjCLQpTDguyerpLybONRFFTqGXAc/ximMbyHeCtI0vnuJlvET0pprj7bqmMXr/2lNlhIfxkZCxgZZQHgqyBQqk/RQweuYAiuMvuiM8Ssk/rdG8hL/n0eXjh9JV8H17od4htNfKv5+zRfbKi5vfsetfFN49Q4xa7SB9o7z6sCvrHjCMW3gbzZGYUPsj0WKQDTW2uN0nH4UgQo7JfyILRVZtwIm7P6YgsI7vma/vRP0aw== usera@serverA check the ~ / .ssh/authorized_keys file under the serverB server userb user, the content is the same, I will not paste the picture here.

[userb@serverB ~] $cat .ssh / authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2dpxfvifkpswsbusPCUWReD/mfTWpDEErHLWAxnixGiXLvHuS9QNavepZoCvpbZWHade88KLPkr5XEv6M5RscHXxmxJ1IE5vBLrrS0NDJf8AjCLQpTDguyerpLybONRFFTqGXAc/ximMbyHeCtI0vnuJlvET0pprj7bqmMXr/2lNlhIfxkZCxgZZQHgqyBQqk/RQweuYAiuMvuiM8Ssk/rdG8hL/n0eXjh9JV8H17od4htNfKv5+zRfbKi5vfsetfFN49Q4xa7SB9o7z6sCvrHjCMW3gbzZGYUPsj0WKQDTW2uN0nH4UgQo7JfyILRVZtwIm7P6YgsI7vma/vRP0aw== usera@serverA. In addition, we should note that the permissions of the .ssh directory are 700, and the permissions of the files authorized_keys and private keys under it are 600. Otherwise, you will not be able to log in without a password because of permission problems. We can see that known_hosts files will be generated after login.

[useb@serverB ~] $ls-la .ssh total 24 drwx-. 2 useb useb 4096 Jul 27 16:13. Drwx-. 35 useb useb 4096 Aug 24 09:18.. -rw- 1 useb useb 796 Aug 24 09:24 authorized_keys-rw- 1 useb useb 1675 Jul 27 16:09 id_rsa-rw-r--r-- 1 useb useb 397 Jul 27 16:09 id_rsa.pub-rw-r--r-- 1 useb useb 1183 Aug 11 13:57 known_hosts after this we can log in without a password

[usera@serverA] $ssh userb@10.124.84.20 in addition, there are several ways to copy the public key to the server's ~ / .ssh/authorized_keys file: 1. Copy the public key to the server through scp, and then append it to the ~ / .ssh/authorized_keys file, which is troublesome. Scp-P 22 ~ /. Ssh/id_rsa.pub user@host:~/. 2. Through the ssh-copy-id program, which is the method I demonstrated, ssh-copyid user@host can be done. 3. You can use cat ~ / .ssh/id_rsa.pub | ssh- p 22 user@host 'cat > > ~ /. Ssh/authorized_keys', this is also a common method, because the port number can be changed.

A large number of scalable redundancy capabilities are designed in the SSH protocol framework, such as user-defined algorithms, customer-defined key rules, and high-level extended functional application protocols.

What is Linux system Linux is a free-to-use and free-spread UNIX-like operating system, is a POSIX-based multi-user, multi-task, multi-threaded and multi-CPU operating system, using Linux can run major Unix tools, applications and network protocols.

After reading the above, have you mastered how to set up SSH secret-free login in Linux system? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.