Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to set up SSH password-free login on the server of CentOS system". Interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Next let the editor to take you to learn "how to set up SSH password-free login on the server of the CentOS system"!

SSH is open source and is the most reliable network protocol for remote login. System administrators use it to execute commands and transfer files to another computer on the network through the SCP protocol.

By configuring SSH password-free login, you can enjoy the following convenience:

Automate daily work with scripts.

Enhance the security of the Linux server. This is a recommended method to prevent virtual private servers (VPS) from being attacked by brute force, and SSH keys are almost unbreakable by brute force.

What is ssh-keygen?

Ssh-keygen is a tool for generating, creating, and managing public and private keys for SSH authentication. With the ssh-keygen command, users can create keys that support both SSH1 and SSH2 protocols. Ssh-keygen creates a RSA key for the SSH1 protocol, and SSH2 can be RSA or DSA.

What is ssh-copy-id?

Ssh-copy-id is a script command used to copy the local public key to a remote authorized_keys file. It also appends the identity file to the remote machine's ~ / .ssh/authorized_keys file and gives the remote host's user home directory appropriate permissions.

SSH key

SSH keys provide a better and secure mechanism for logging in to Linux servers. After running ssh-keygen, a public-private key pair is generated. You can place the public key on any server and use it to unlock it when you connect to the server from the client that holds the private key. When the two match, the system can be unlocked without a password.

Set password-free login SSH on CentOS and RHEL

The following steps passed the test on CentOS 5-6-7, RHEL 5-6-7 and Oracle Linux 6gam7.

Node 1: 192.168.0.9 Node 2: 192.168.l.10

Step 1:

Test the connection and access from node 1 to node 2:

The code is as follows:

[root@node1 ~] # ssh root@192.168.0.10

The authenticity of host '192.168.0.10 (192.168.0.10)' can't be established.

RSA key fingerprint is 6d:8f:63:9b:3b:63:e1:72:b3:06:a4:e4:f4:37:21:42.

Are you sure you want to continue connecting (yes/no)? Yes

Warning: Permanently added '192.168.0.10' (RSA) to the list of known hosts.

Root@192.168.0.10's password:

Last login: Thu Dec 10 22:04:55 2015 from 192.168.0.1

[root@node2 ~] #

Step 2:

Use the ssh-key-gen command to generate public and private keys, and it is important to note that the private keys can be encrypted to enhance security.

Step 3:

The code is as follows:

[root@node1 ~] # ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/ root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in / root/.ssh/id_rsa.

Your public key has been saved in / root/.ssh/id_rsa.pub.

The key fingerprint is:

B4:51:7e:1e:52:61:cd:fb:b2:98:4b:ad:a1:8b:31:6d root@node1.ehowstuff.local

The key's randomart image is:

+-[RSA 2048]-+

|. + + |

| | o o o |

| o o o. | |

|. O +.. | |

| S. . | |

|. .. . |

| | o E oo.o |

| = ooo. | |

|. O.o. | |

+-+

Copy or upload the public key to the remote host with the ssh-copy-id command, and append the identity file to node 2 in ~ / .ssh/authorized_keys:

The code is as follows:

[root@node1] # ssh-copy-id-I ~ / .ssh/id_rsa.pub 192.168.0.10

Root@192.168.0.10's password:

Now try logging into the machine, with "ssh '192.168.0.10'", and check in:

.ssh / authorized_keys

To make sure we haven't added extra keys that you weren't expecting.

Step 4:

Verify password-free SSH login node 2:

The code is as follows:

[root@node1 ~] # ssh root@192.168.0.10

Last login: Sun Dec 13 14:03:20 2015 from www.ehowstuff.local

At this point, I believe that everyone on the "CentOS system server how to set SSH password-free login" have a deeper understanding, might as well to the actual operation of it! Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.