Shulou(Shulou.com)06/01 Report--

This article is about the Linux system to set up SSH secret-free login solution is what, the editor thinks it is very practical, so share with you to learn, I hope you can get something after reading this article, say no more, follow the editor to have a look.

Introduction to SSH protocol: SSH is an encrypted login protocol between computers, which is relative to the plaintext transmission of telnet and rsh.

Encryption, checksum and compression are provided so that we can safely operate remotely without worrying about information disclosure (of course, not absolutely, encryption is always possible to be cracked, but it is much better than plaintext).

Linux system to set up SSH secret-free login solution: environment settings (root permissions) 1. To turn off the firewall and SELinuxRedhat, SELinux is used to enhance security. The method to close is: a. Change the SELINUX=enforcing in the / etc/selinux/config file to SELINUX=disabled, and then restart. b. Temporarily effective setenforce 0 the method to turn off the firewall is: a. Permanently open: chkconfig iptables on off: chkconfig iptables off b. Temporarily effective and enabled: service iptables start is closed: service iptables stop needs to set up the two servers respectively, and turn off the firewall and SELinux.

two。 Set the hostname edit / etc/sysconfig/network file, use the command: vim / etc/sysconfig/network, set the format: HOSTNAME= [hostname]. Set the hostname of server A to server1.

Set the hostname of server B to server2.

3. To configure the hosts edit / etc/hosts file, use the command: vim / etc/hosts, and add the following configuration to the hosts file of the two servers:

192.168.12.11 server1 192.168.12.12 server2

4. Configure sshd to edit the / etc/ssh/sshd_config file for both servers, using the command: vim / etc/ssh/sshd_config. Remove the "#" comment from the following three lines:

RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh / authorized_keys restart the sshd service, using the command: / sbin/service sshd restart.

Secret key 3 setting 1. Use the command to create a password-free login account:

Useradd guest1 / / create a new user passwd guest1 / / set a new user login password

Similarly, create a guest2 account in server2.

two。 To generate the secret key, switch from the root user to the account you want to log in without a password, using the command: su guest1. Execute the command: ssh-keygen-t rsa

Enter directly without specifying a password. After the command is executed, two files will be generated in the guest1 user's home directory (/ home/guest1/.ssh):

Id_rsa: private key id_rsa.pub: public key

Follow the same steps to generate the key file for the guest2 account in server2.

3. Import the public key into the authentication file using the command:

Cat / home/guest1/.ssh/id_rsa.pub > > / home/guest1/.ssh/authorized_keys ssh guest2@server2 cat / home/guest2/.ssh/id_rsa.pub > > authorized_keys

Use the command cat authorized_keys to view the authorized_keys file as follows:

4. Set file access permissions to use the command:

After chmod 700 / home/guest1/.ssh chmod 600 / home/guest1/.ssh/authorized_keys performs the above settings, server1 can log in to the machine without a password, using the command: ssh guest1@server1.

Note: when the host name information is missing in the known_hosts file, the following information will be prompted. Enter yes to write the host name to the known_hosts file and log in successfully.

At this point, the SSH password-free login of the host server1 is complete, and then configure server2.

5. Copy the authentication file to another host and execute the following command to copy the generated authorized_keys and known_hosts files from server1 to server2.

# scp [local files to be transferred] [remote host user name] @ remote host ip or hostname: [destination location of files to be transferred] scp / home/guest1/.ssh/authorized_keys guest2@server2:/home/guest2/.ssh/authorized_keys scp / home/guest1/.ssh/known_hosts guest2@server2:/home/guest2/.ssh/known_hosts

After the replication is complete, use the following command to set file access permissions.

Chmod 700s / home/guest2/.ssh chmod 600s / home/guest2/.ssh/authorized_keys then execute the ssh guest1@server1 command to log in to server1's guest1 account without a password using server2's guest2 account.

What are the versions of Linux? the versions of Linux are Deepin, UbuntuKylin, Manjaro, LinuxMint, Ubuntu and so on. Among them, Deepin is one of the best-developed Linux distributions in China; UbuntuKylin is a derivative release based on Ubuntu; Manjaro is a Linux release based on Arch; LinuxMint's default Cinnamon desktop is similar to Windows XP's easy-to-use; Ubuntu is the Linux operating system based on desktop applications.

The above is the solution to set up SSH secret-free login in Linux system. The editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.