Shulou(Shulou.com)06/01 Report--

This article mainly introduces how to configure ssh secret-free login under Linux, which has a certain reference value, and interested friends can refer to it. I hope you will gain a lot after reading this article.

SSH is the login tool of Linux system, which is now widely used in server login and all kinds of encrypted communication.

Generate key under 1.Linux

Ssh-keygen command manual, through the "man ssh-keygen" command:

Through the command "ssh-keygen-t rsa"

After generation, a folder of ".ssh" is generated in the user's root directory.

Entering ".ssh" will generate the following files

Authorized_keys: stores the public key of remote secret-free login. This file records the public keys of multiple machines id_rsa: generated private key file id_rsa.pub: generated public key file know_hosts: known host public key list if you want the ssh public key to take effect, you need to meet at least the following two conditions:

❝

\ 1) the permissions of the .ssh directory must be 7002) .ssh / authorized_keys file permissions must be 600

two。 Remote secret-free login

Schematic:

Ssh Advanced use under Linux-Secret-free Login ssh Advanced use-Secret-Free Login under Linux

The following methods are commonly used:

2.1 through ssh-copy-id

❝

Command: ssh-copy-id-I ~ / .ssh/id_rsa.put

For example:

[root@test .ssh] # ssh-copy-id-I ~ / .ssh/id_rsa.pub 192.168.91.135root@192.168.91.135's password:Now try logging into the machine, with "ssh '192.168.91.135'" And check in:.ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting. [root@test .ssh] # ssh root@192.168.91.135Last login: Mon Oct 10 01:25:49 2016 from 192.168.91.133 [root@localhost ~] #

Common errors:

[root@test ~] # ssh-copy-id-I ~ / .ssh/id_rsa.pub 192.168.91.135-bash: ssh-copy-id: command not found / / prompt command does not exist

Solution: yum-y install openssh-clients

2.2 write content to the other party's file through scp

❝

Command: scp-p ~ / .ssh/id_rsa.pub root@:/root/.ssh/authorized_keys

For example:

[root@test .ssh] # scp-p ~ / .ssh/id_rsa.pub root@192.168.91.135:/root/.ssh/authorized_keysroot@192.168.91.135's password: id_rsa.pub 100% 408 0.4KB/s 00:00 [root@test] # [root@test .ssh] # ssh root@192.168.91.135Last login: Mon Oct 10 01:27:02 2016 from 192.168.91.133 [root@localhost ~] #

2.3Implementation of batch confidentiality through Ansible

2.3.1 add the machine hosts that needs to be secret-free to / etc/ansible/hosts:

[Avoid close] 192.168.91.132192.168.91.133192.168.91.134

2.3.2 execute the command for secret-free operation

❝

Ansible-m authorized_key-a "user=root key=' {{lookup ('file','/root/.ssh/id_rsa.pub')}}'"-k

Example:

[root@test sshpass-1.05] # ansible test-m authorized_key-a "user=root key=' {{lookup ('file','/root/.ssh/id_rsa.pub')}}'"-k SSH password:-> enter the password 192.168.91.135 | success > > {"changed": true, "key": "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArZI4kxlYuw7j1nt5ueIpTPWfGBJoZ8Mb02OJHR8yGW7A3izwT3/uhkK7RkaGavBbAlprp5bxp3i0TyNxa/apBQG5NiqhYO8YCuiGYGsQAGwZCBlNLF3gq1/18B6FV5moE/8yTbFA4dBQahdtVP PejLlSAbb5ZoGK8AtLlcRq49IENoXB99tnFVn3gMM0aX24ido1ZF9RfRWzfYF7bVsLsrIiMPmVNe5KaGL9kZ0svzoZ708yjWQQCEYWp0m+sODbtGPC34HMGAHjFlsC/SJffLuT/ug/hhCJUYeExHIkJF8OyvfC6DeF7ArI6zdKER7D8M0SM WQmpKUltj2nltuv3w== root@localhost.localdomain" "key_options": null, "keyfile": "/ root/.ssh/authorized_keys", "manage_dir": true, "path": null, "state": "present", "unique": false, "user": "root"} [root@test sshpass-1.05] #

2.4 copy and paste by hand

Copy the contents of the local id_rsa.pub file to the ~ / .ssh/authorized_keys file on the remote server

Thank you for reading this article carefully. I hope the article "how to configure ssh secret-free login under Linux" shared by the editor will be helpful to everyone. At the same time, I also hope you can support us and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.