|
As a system administrator, you plan to use OpenSSH on Linux, complete automation of routine work, such as file transfer, backup database dump file to another server and so on. To achieve this goal, you need to be able to automatically log on to the host A host B. That automatic login, use ssh in a shell script, without the need to enter any password.
This article will tell you how on CentOS / RHEL set Free SSH password. After the automatic logon configured, you can use SSH (Secure Shell) and Secure Copy (SCP) through which to move files.
SSH is open source, is the most reliable network protocol for remote login. System administrators use it to execute commands, and by SCP protocol to transfer files to another computer on the network.
By configuring SSH password-free login, you can enjoy the following benefits:
Script routine tasks automation.
Enhance the security of Linux servers. This is a preferred method to prevent virtual private server (VPS) subjected to brute force attacks, SSH keys brute force alone is almost unbreakable.
What is ssh-keygen
ssh-keygen is used to generate, create public and private key tools to manage the SSH authentication. By ssh-keygen command, you can create a support SSH1 and SSH2 protocols two keys. ssh-keygen to create RSA key for SSH1 protocol, SSH2 can be RSA or DSA.
What is ssh-copy-id
ssh-copy-id is used to copy a local public key to the remote authorizedkeys file script commands, it will be appended to the identity of the remote machine file ~ / .ssh / authorizedkeys file to the remote host and the user's home appropriate directory permissions.
SSH Keys
SSH key to log on Linux servers and provides better security mechanism. After running ssh-keygen, it will generate a public and private key pairs. You can be placed into any server public key, private key held by the connection from the client to the server, and will use it to unlock. When a match occurs, the system can be unlocked without a password.
On CentOS and RHEL set Free SSH password
The following steps on CentOS 5/6/7, RHEL 5/6/7 and Oracle Linux 6/7 test.
Node 1: 192.168.0.9 Node 2: 192.168.l.10
step one :
Test node 1 to 2 connection and access:
[Root @ node1 ~] #ssh root@192.168.0.10
The authenticity of host '192.168.0.10 (192.168.0.10)' can not be established.
RSA key fingerprint is 6d: 8f: 63: 9b: 3b: 63: e1: 72: b3: 06: a4: e4: f4: 37: 21: 42.
Are you sure you want to continue connecting (yes / no)? Yes
Warning: Permanently added '192.168.0.10' (RSA) to the list of known hosts.
root@192.168.0.10's password:
Lastlogin: ThuDec1022: 04: 552015from192.168.0.1
[Root @ node2 ~] #
Step two:
Use ssh-key-gen command to generate public and private, to note here is the private key encryption to enhance security.
[Root @ node1 ~] # ssh-keygen
Generatingpublic / private rsa key pair.
Enterfilein which to save the key (/root/.ssh/id_rsa):
Enter passphrase (emptyforno passphrase):
Enter same passphrase again:
Your identification has been saved in / root / .ssh / id_rsa.
Yourpublic key has been saved in / root / .ssh / id_rsa.pub.
The key fingerprint is:
b4: 51: 7e: 1e: 52: 61: cd: fb: b2: 98: 4b: ad: a1: 8b: 31: 6d root@node1.ehowstuff.local
The key's randomart image is:
+ - [RSA 2048] ---- +
|. ++ |
| O o o |
| O o o. |
|. O + .. |
| S.. |
|. ... |
| O E oo.o |
| = Ooo. |
|. O.o. |
+ ----------------- +
Step three:
Using ssh-copy-id command to copy the public key to the remote host or upload and identity documents appended to the node 2 ~ / .ssh / authorized_keys in:
[Root @ node1 ~] # ssh-copy-id-i ~ / .ssh / id_rsa.pub 192.168.0.10
root@192.168.0.10's password:
Now try logging into the machine, with "ssh '192.168.0.10'", and check in:
.ssh / authorized_keys
to make sure we have not added extra keys that you were not expecting.
Step Four:
Free SSH login password verification node 2:
[Root @ node1 ~] #ssh root@192.168.0.10
Lastlogin: SunDec1314: 03: 202015from www.ehowstuff.local
I hope this article will help you to provide you with SSH password Free basic knowledge and quick guide CentOS / RHEL is. |
|
|
|