Shulou(Shulou.com)06/01 Report--

This article "linux remote login ssh password free how to configure" article knowledge point most people do not understand, so small make up to you summarized the following content, detailed content, clear steps, has a certain reference value, I hope you can read this article to gain something, let's take a look at this article "linux remote login ssh password free how to configure" article bar.

I. Scenario

The company has just installed a few linux, and now it is necessary to remotely ssh password-free login between hosts.

II. Principle

Very simple, use ssh-keygen to generate private and public keys on host a, copy the generated public key to remote host b, and then use ssh command to log in to another host b without password.

III. Steps

Host a:

1. Generate public key and private key files id_rsa and id_rsa.pub (type 3 and enter)

[root@bogon ~]# ssh-keygen -t rsa

generating public/private rsa key pair.

enter file in which to save the key (/root/.ssh/id_rsa):

enter passphrase (empty for no passphrase):

enter same passphrase again:

your identification has been saved in /root/.ssh/id_rsa.

your public key has been saved in /root/.ssh/id_rsa.pub.

the key fingerprint is:

67:da:0d:79:e0:d6:2b:cd:7d:22:af:51:7e:9c:75:fe root@bogon

the key's randomart image is:

+--[ rsa 2048]----+

| |

| |

| . |

| . + |

| s b o . o|

| * * = o+|

| . o b +.=|

| . + +.|

| ... e|

+-----------------+

The ssh-cop-id command copies the specified public key file to the remote computer.

[root@bogon ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.1.250.166

the authenticity of host '10.1.250.166 (10.1.250.166)' can't be established.

rsa key fingerprint is c8:9d:6d:92:55:77:3d:3e:af:f5:cb:18:80:5a:47:93.

are you sure you want to continue connecting (yes/no)? yes

warning: permanently added '10.1.250.166' (rsa) to the list of known hosts.

reverse mapping checking getaddrinfo for bogon [10.1.250.166] failed - possible break-in attempt!

root@10.1.250.166's password:

now try logging into the machine, with "ssh 'root@10.1.250.166'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

3. Then ssh login host b to verify whether a password is required

[root@localhost ~]# ssh 10.1.250.166

reverse mapping checking getaddrinfo for bogon [10.1.250.166] failed - possible break-in attempt!

last login: wed oct 21 10:05:39 2015 from 10.1.250.141

[root@bogon ~]#

4. After successful login, we need to do the above 3 steps in host B, so that we can log in without password ssh. (If there are multiple hosts, do the same operation for each host to facilitate later management).

5. Question of authority

It is recommended to use other users to do ssh login, adjust the directory file permissions

Set authorized_keys permissions

chmod 644 authorized_keys

Set.ssh directory permissions

chmod 700 -r .ssh

Make sure that only the user has permission to write.ssh and authorized_keys. Otherwise validation is invalid.

The above is about "linux remote login ssh password free how to configure" the content of this article, I believe everyone has a certain understanding, I hope the content shared by Xiaobian is helpful to everyone, if you want to know more related knowledge content, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.