使用openssh实现免密码登录，免用户名+密码登录

有时候经常登录某台主机，会懒得输入密码，输入个用户名登录，像我这种更懒的，密码也懒得输入：

创建虚拟机：centos7

HuaiqingdeMBP:~ huaiqingcheng$ vagrant box add centos7 /Users/huaiqingcheng/Downloads/centos-7.0-x86_64.box

==> box: Box file was not detected as metadata. Adding it directly...

==> box: Adding box ‘centos7‘ (v0) for provider: 

box: Unpacking necessary files from: file:///Users/huaiqingcheng/Downloads/centos-7.0-x86_64.box

==> box: Successfully added box ‘centos7‘ (v0) for ‘virtualbox‘!

查看虚拟机

HuaiqingdeMBP:~ huaiqingcheng$ vagrant box list

centos7       (virtualbox, 0)

centos7_1     (virtualbox, 0)

centos7_2     (virtualbox, 0)

centos7_3     (virtualbox, 0)

centos7_4     (virtualbox, 0)

ubuntu_1204_1 (virtualbox, 0)

初始化虚拟机

HuaiqingdeMBP:~ huaiqingcheng$ cd ./vagrant/

HuaiqingdeMBP:vagrant huaiqingcheng$ vagrant init centos7

A `Vagrantfile` has been placed in this directory. You are now

ready to `vagrant up` your first virtual environment! Please read

the comments in the Vagrantfile as well as documentation on

`vagrantup.com` for more information on using Vagrant.

桥接并且开启虚拟机（编辑vagrantfile文件即可，网卡模式可以随意自己选择，我选择了桥接，省事）

HuaiqingdeMBP:vagrant huaiqingcheng$ vagrant up

Bringing machine ‘default‘ up with ‘virtualbox‘ provider...

==> default: Importing base box ‘centos7‘...

==> default: Matching MAC address for NAT networking...

==> default: Setting the name of the VM: vagrant_default_1490616990534_7712

==> default: Clearing any previously set forwarded ports...

==> default: Clearing any previously set network interfaces...

==> default: Available bridged network interfaces:

1) en0: Wi-Fi (AirPort)

2) en5: USB Ethernet(?)

3) en1: Thunderbolt 1

4) en2: Thunderbolt 1

5) en3: Thunderbolt 18

6) en4: Thunderbolt 20

7) p2p0

8) awdl0

9) bridge0

==> default: When choosing an interface, it is usually the one that is

==> default: being used to connect to the internet.

default: Which interface should the network bridge to? 1

==> default: Preparing network interfaces based on configuration...

default: Adapter 1: nat

default: Adapter 2: bridged

==> default: Forwarding ports...

default: 22 (guest) => 2222 (host) (adapter 1)

==> default: Booting VM...

==> default: Waiting for machine to boot. This may take a few minutes...

default: SSH address: 127.0.0.1:2222

default: SSH username: vagrant

default: SSH auth method: private key

default:

default: Vagrant insecure key detected. Vagrant will automatically replace

default: this with a newly generated keypair for better security.

default:

default: Inserting generated public key within guest...

default: Removing insecure key from the guest if it‘s present...

default: Key inserted! Disconnecting and reconnecting using new SSH key...

==> default: Machine booted and ready!

==> default: Checking for guest additions in VM...

default: The guest additions on this VM do not match the installed version of

default: VirtualBox! In most cases this is fine, but in rare cases it can

default: prevent things such as shared folders from working properly. If you see

default: shared folder errors, please make sure the guest additions within the

default: virtual machine match the version of VirtualBox you have installed on

default: your host and reload your VM.

default:

default: Guest Additions Version: 4.3.28

default: VirtualBox Version: 5.1

==> default: Configuring and enabling network interfaces...

==> default: Mounting shared folders...

default: /vagrant => /Users/huaiqingcheng/vagrant

虚机地址

inet 192.168.0.113  netmask 255.255.255.0

• 使用openssh实现免密码登录（仅输入用户名就可以了）

  原理：使用公钥认证(私钥加密公钥解密可以进行身份验证)

  客户端生成一对密钥（public key和private key），通过将生成的公钥保存到需要认证的服务器的~/.ssh/authriedkey文件中，并且将.ssh目录的权限设置为644、authrizedkey权限设置为600即可

  ---

ssh密钥生成

HuaiqingdeMBP:vagrant huaiqingcheng$ ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/Users/huaiqingcheng/.ssh/id_rsa):

/Users/huaiqingcheng/.ssh/id_rsa already exists.

Overwrite (y/n)? y

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /Users/huaiqingcheng/.ssh/id_rsa.

Your public key has been saved in /Users/huaiqingcheng/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:CCRo8ATutB5d8kXw2ApP0i2EB3yoPzWkPOnkjXHX4fw [email protected]

The key‘s randomart image is:

+---[RSA 2048]----+

|+o+.=o..         |

|o+ *o+*  .       |

|.o++B* =+ .      |

|o.oBO=+o +       |

| +=.B++ S .      |

|. .* .     E     |

| .  .            |

|                 |

|                 |

+----[SHA256]-----+

ssh-copy-id 复制公钥（需要输入一次用户密码）

HuaiqingdeMBP:vagrant huaiqingcheng$ ssh-copy-id [email protected]

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/huaiqingcheng/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

[email protected]‘s password:

Number of key(s) added:        1

Now try logging into the machine, with:   "ssh ‘[email protected]‘"

and check to make sure that only the key(s) you wanted were added.

测试完成，免密码，需要输入用户名：

HuaiqingdeMBP:vagrant huaiqingcheng$ ssh [email protected]

Last login: Mon Mar 27 14:30:10 2017

Welcome to your Vagrant-built virtual machine.

[[email protected] ~]#

或者手动复制公钥/Users/huaiqingcheng/.ssh/id_rsa.pub到目标虚机/root/.ssh/authorized_keys文件中，~/.ssh目录的权限700，authorized_key的权限为600

• 用openssh实现免用户名+密码登录

在～/.ssh/目录下建立config文件,编辑内容，绑定用户名和公钥

Host 192.168.0.113

HostName 192.168.0.113

User root

Port 22

IdentityFile    ~/.ssh/id_rsa

测试

HuaiqingdeMBP:vagrant huaiqingcheng$ ssh 192.168.0.113

Last login: Mon Mar 27 14:33:19 2017 from 192.168.0.101

Welcome to your Vagrant-built virtual machine.

[[email protected] ~]#

ok，拜拜