SSH Password-less login

作者:Rui 发布时间:September 9, 2015 分类:Linux,CLOUD 浏览:640

工作中有管理多台Linux主机,经常SSH远程登录其他主机,每次输入密码比较麻烦,SSH Password-less login 是解决这个问题比较好的方法之一。该文章记录一下SSH Password-less login 的具体使用步骤。

####设置环境

SSH client : 10.147.15.71
SSH Remote Login Server: 10.147.6.205

该示例中,我们要设置从 IP 71的服务器SSH 自动登录205的服务器

Step 1: 创建 Authentication SSH-Kegen Keys – (10.147.15.71)

# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/xp017734/.ssh/id_rsa): [Press enter key]
Created directory '/home/xp017734/.ssh'.
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Press enter key]
Your identification has been saved in /home/xp017734/.ssh/id_rsa.
Your public key has been saved in /home/xp017734/.ssh/id_rsa.pub.
The key fingerprint is:
5f:ad:40:00:8a:d1:9b:99:b3:b0:f8:08:99:c3:ed:d3 xp017734@cbjlx9438
The key's randomart image is:
+--[ RSA 2048]----+
|        ..oooE.++|
|         o. o.o  |
|          ..   . |
|         o  . . o|
|        S .  . + |
|       . .    . o|
|      . o o    ..|
|       + +       |
|        +.       |
+-----------------+

该命令会在.ssh 目录下生成id_rsa.pub 和id_rsa 文件,分别存放ssh的public key和 private key

Step 2: 创建 .ssh 目录 – 10.147.6.205
在205服务器上面建立ssh目录

mkdir -p .ssh

Step 3: 上传生成 Public Keys –10.147.6.205
将71服务器生成的public key,复制到 205 服务器上ssh目录下的authorized_keys 文件中 例如:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9t/c/aZ9QLNfdd0mpJR/+WV2vs+I2axSpNlv47O8sk+iumeknY5AkFroNF+d9URKKk08FpZyHkVh5z7tt0Ko2A2WBxehW4xAYC0sngkMagFBsDI/hgWmAtVFKV3/Ad0R8rRLtdP9KL4bgl0WXUbqg+E6UhNV2FoOIH9olyyNsjFIJVhVbrBazphcfSeW4sh7g3tuJR0CqG/mTYESkQqrrOpWwK5mVLDy8BWzefBLW/VPrzh84NJq4LmIMD1ls3ZfN4cB8ehbAwRd/pMlYBFL5RoLDN89MsUb1qQFAQfa6JdASDKkE6+w9/cviqlenu3cySv34PKtKiyPogO4LrQGP xp017734@cnbjlx9438

Step 4: 设置权限 –10.147.6.205
设置205服务器上的ssh目录权限

chmod 700 .ssh; chmod 640 .ssh/authorized_keys

Exceptions :

  1. ssh: “Agent admitted failure to sign using the key”
    在客户端执行ssh-add 命令

  2. “You are not exist! please go away ”
    删除客户端know_hosts 文件

标签: linux

添加新评论 »