[转] Linux服务器三步骤配置免密码登陆

ssh-keygen  产生公钥与私钥对.

ssh-copy-id 将本机的公钥复制到远程机器的authorized_keys文件中,ssh-copy-id也能让你有到远程机器的home, ~./ssh , 和 ~/.ssh/authorized_keys的权利

第一步:在本地机器上使用ssh-keygen产生公钥私钥对

  1. [email protected]$ [Note: You are on local-host here]
  2. [email protected]$ ssh-keygen
  3. Generating public/private rsa key pair.
  4. Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key]
  5. Enter passphrase (empty for no passphrase): [Press enter key]
  6. Enter same passphrase again: [Pess enter key]
  7. Your identification has been saved in /home/jsmith/.ssh/id_rsa.
  8. Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
  9. The key fingerprint is:
  10. 33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9 [email protected]

第二步:用ssh-copy-id将公钥复制到远程机器中

  1. [email protected]$ ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
  2. [email protected]‘s password:
  3. Now try logging into the machine, with "ssh ‘remote-host‘", and check in:
  4. .ssh/authorized_keys
  5. to make sure we haven‘t added extra keys that you weren‘t expecting.

注意: ssh-copy-id 将key写到远程机器的 ~/ .ssh/authorized_key.文件中

第三步: 登录到远程机器不用输入密码

  1. [email protected]$ ssh remote-host
  2. Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2
  3. [Note: SSH did not ask for password.]
  4. [email protected]$ [Note: You are on remote-host here]

常见问题:

  1. ssh-copy-id -u eucalyptus -i ~eucalyptus/.ssh/id_rsa.pub [email protected]_host

上述是给eucalyptus用户赋予无密码登陆的权利

[1]

  1. /usr/bin/ssh-copy-id: ERROR: No identities found

使用选项 -i ,当没有值传递的时候或者 如果 ~/.ssh/identity.pub 文件不可访问(不存在), ssh-copy-id 将显示上述的错误信息  ( -i选项会优先使用将ssh-add -L的内容)

  1. [email protected]$ ssh-agent $SHELL
  2. [email protected]$ ssh-add -L
  3. The agent has no identities.
  4. [email protected]$ ssh-add
  5. Identity added: /home/jsmith/.ssh/id_rsa (/home/jsmith/.ssh/id_rsa)
  6. [email protected]$ ssh-add -L
  7. ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsJIEILxftj8aSxMa3d8t6JvM79DyBV
  8. aHrtPhTYpq7kIEMUNzApnyxsHpH1tQ/Ow== /home/jsmith/.ssh/id_rsa
  9. [email protected]$ ssh-copy-id -i remote-host
  10. [email protected]‘s password:
  11. Now try logging into the machine, with "ssh ‘remote-host‘", and check in:
  12. .ssh/authorized_keys
  13. to make sure we haven‘t added extra keys that you weren‘t expecting.
  14. [Note: This has added the key displayed by ssh-add -L]

[2] ssh-copy-id应注意的三个小地方

    1. Default public key: ssh-copy-id uses ~/.ssh/identity.pub as the default public key file (i.e when no value is passed to option -i). Instead, I wish it uses id_dsa.pub, or id_rsa.pub, or identity.pub as default keys. i.e If any one of them exist, it should copy that to the remote-host. If two or three of them exist, it should copy identity.pub as default.
    2. The agent has no identities: When the ssh-agent is running and the ssh-add -L returns “The agent has no identities” (i.e no keys are added to the ssh-agent), the ssh-copy-id will still copy the message “The agent has no identities” to the remote-host’s authorized_keys entry.
    3. Duplicate entry in authorized_keys: I wish ssh-copy-id validates duplicate entry on the remote-host’s authorized_keys. If you execute ssh-copy-id multiple times on the local-host, it will keep appending the same key on the remote-host’s authorized_keys file without checking for duplicates. Even with duplicate entries everything works as expected. But, I would like to have my authorized_keys file clutter free.
时间: 2024-11-23 23:04:12

[转] Linux服务器三步骤配置免密码登陆的相关文章

Linux服务器之间配置免密码SSH访问

环境:Oracle VM Virtualbox, Ubuntu Server 12.04,SecureCRT 1.首先在虚拟机中安装好Linux操作系统,这里我选择的是Ubuntu Server,为了方便后续操作,网络建议选择桥接(bridge),因为电脑比较老,虚拟机和Linux都是32位的 安装Ubuntu的时候,注意选择安装ssh服务,如果没有安装,可以通过下面这个命令安装: $sudo apt-get install openssh-server 通过下面命令可以查看ssh服务有没有启动

【linux系列】配置免密登陆

一.SSH无密码登录原理 此操作是为了搭建hadoop集群进行的操作 Master(NameNode|JobTracker)作为客户端,要实现无密码公钥认证,连接到服务器Salve(DataNode|Tasktracker)上的时候,需要在Master上生成一个密钥对(公钥和私钥),当Master通过SSH连接到Slave的时候,Slave就会生成 一个随机数并用Master的公钥对随机数进行加密,并发送给Master.Master收到加密数值再用私钥解密,并将解密数据回传给Slave,Slav

Linux中ssh的免密码登陆

原理: Hadoop的各个节点要实时的进行各种通信的,ssh就是能让各个节点免密码的相互访问相互通信. 操作步骤: 这里用的加密方式是非对称的加密方式,具体的操作是: <1>执行命令ssh-keygen –t rsa产生秘钥,产生的秘钥默认位于~/.ssh文件夹中. <2>把公钥拷贝给别人后,要重新命名为authorized_keys,这里直接模拟在~/.ssh文件夹中复制一份就可以了.cp id_rsa.pub authorized_keys.(注意路径) 验证:ssh loca

Linux上实现ssh免密码登陆远程服务器

0.说明 平常使用ssh登陆远程服务器时,都需要使用输入密码,希望可以实现通过密钥登陆而免除输入密码,从而可以为以后实现批量自动部署主机做好准备. 环境如下: IP地址 操作系统 服务器端 10.0.0.128/24 CentOS 6.5 x86 客户端 10.0.0.129/24 Ubuntu 16.04 x86 1.客户端生成密钥对 生成密钥对: [email protected]:~$ ssh-keygen -t rsa -b 2048 Generating public/private 

CentOS7 配置免密码登陆

3台主机 192.168.30.207 Master 192.168.30.251 Node1 192.168.30.252 Node2 三台主机检查 ~/.ssh 文件夹,没有则新建 在master中执行如下命令: ssh-keygen -t rsa 一路按回车,最终生成(id_rsa,id_rsa.pub两个文件). 把id_rsa.pub 复制到slaves 251,252两台node上去. scp ~/.ssh/id_rsa.pub [email protected]:~/.ssh sc

linux ssh密钥认证, 免密码登陆

1. 客户端生成密钥 # mkdir ~/.ssh # chmod 700 ~/.ssh # cd ~/.ssh 生成RSA密钥 # ssh-keygen -t rsa (然后连续三次回车) 2. 把公钥传到服务器上 将客户端~/.ssh/id_rsa.pub拷贝到服务器的/home/user0/.ssh目录,并重命名为authorized_keys文件,注意设为其他人不可读写. # chmod 400 ~/.ssh/id_rsa.pub # scp /home/user0/.ssh/id_rs

windows使用xshell免密码登陆远程Linux服务器教程

windows使用xshell免密码登陆远程Linux服务器教程 1.使用xshell自带工具生成私钥 步骤: 2.在linux服务器端生成密钥 1.生成服务器端密钥命令 #ssh-keygen (保存位置默认,全部回车即可.) 3.复制本地密钥到远程linux服务器端 1.复制本地密钥到远程linux服务器端 2.把本地密钥命名为authorized_keys #cat 本地密钥 >> authorized_keys 3.放在~/.ssh/下且权限为600. #chmod 600 autho

Jenkins进阶系列之——09配置Linux系统ssh免密码登陆

ssh认证的完整描述:https://www.ibm.com/developerworks/cn/linux/security/openssh/part1/ 说明:点我去查看 今天我们只说生成ssh的key,从而达到免密码登陆的目的. 不知道ssh是什么的自己看说明.好了,不废话了. 系统:CentOS 5.8 确认用户 确认当前用户是你需要的用户! $ whoami froad #froad用户,根据你自己的需求选择用户.我这儿用froad用户演示. 生成key $ cd ~ #回到用户目录,

配置Linux 免密码登陆

配置Linux 免密码登陆 1 生成秘钥对,一路回车就好 2 修改公钥名称为authorized_keys 3 修改权限为600 4 修改sshd配置文件 5 重启sshd服务 配置Linux 免密码登陆 友情提示:如果需要实现xshell 等终端工具实现免密码登陆的,在生成密钥对的时候,务必先把id_rsa就拷贝出来,不然到时候你配置好了的时候,通过xftp等工具拷贝文件出来,发现本地没有密钥文件,到时候就是死循环了.切记切记!! 1 生成秘钥对,一路回车就好 [[email protecte