Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Server \ Do not enter password login ssh     - Alternative methods of intrusion bundled executable file new thinking (Linux)

- 15 things to do after installing Ubuntu 15.04 Desktop (Linux)

- Ubuntu Linux use ufw or iptables firewall configuration (Linux)

- Linux installation and configuration curl command tool (Linux)

- 12 kinds of detection of CPU information on a Linux system tools (Linux)

- Install minimize RHEL / CentOS 7 some things need to do (Linux)

- Oracle Linux 5.5 (64bit) Install Oracle 11gR2 RAC detailed tutorial (Database)

- Under Ubuntu on how to use iptables firewall (Linux)

- C ++ Supplements - locates the new expression (Programming)

- Under CentOS 7 installation and deployment environment Ceph (Server)

- To generate a certificate using OpenSSL under Linux (Server)

- error 1819 (HY000): your password does not satisfy the current policy requirements (Database)

- Oracle data row split multiple lines (Database)

- Difference in MySQL VARCHAR and CHAR data format (Database)

- map and hash_map STL containers (Programming)

- How Oracle implements random reads from specific combinations (Database)

- xCAT deployment (Linux)

- Linux system security check method (Linux)

- grep command output highlighted word (Linux)

- How to Install Suricata IDS on a Linux system (Server)

  Do not enter password login ssh
  Add Date : 2018-11-21      
  Free SSH password, toss me one day, if root privileges, then very simple, but this is really somewhat irregular, after all, I am a professional good cutting ~

So bring a lot of strange questions, when solved, it was found, in fact, not so troublesome.

Here is what I started with the root user to do 117 unidirectional password to connect to 118,119,120. This must be done before constructing hdfs-HA-Federation + yarn of.

Free password set before, put their hosts in every good ip configuration corresponding name, switching and facilitate future use, own hostname also changed the way it does not change is possible.

1. First use the following command to generate the password-free ssh keys:

[Root @ localhost ~] # ssh-keygen -t rsa -P ''
All the way round, if ever before, you can choose yes overwrite the previous key ~

Generating public / private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ca: 14: 3d: fa: 96: ba: 41: 17: c6: 60: 7d: dc: 31: 67: 9e: b8 root@localhost.localdomain
The key's randomart image is:
+ - [RSA 2048] ---- +
|.. O .o.o |
|.. + O *.. |
|... * O |
| + O. |
| + S E |
| + +. |
| + + |
| + |
| O. |
+ ----------------- +
 2. Go to the user's root directory, there will be hidden .ssh folder, you will see after entering a id_rsa.pub, this is the key password-free. This key will be appended to the authorized_keys.

[Root @ localhost .ssh] # cat id_rsa.pub >> authorized_keys
Authorized_keys must modify the permissions of 600, to be honest I do not know why.

[Root @ localhost .ssh] # chmod 600 authorized_keys

3. No matter what way, the generated key to pass to avoid the password server (the keys were given to 118,119,120). Which his own key to the machine, and that they can log on which machine

[Root @ localhost .ssh] # scp id_rsa.pub root@ /home/id_rsa.pub
 Repeat the above operation after copying the past, passing over the id_rsa.pub the value added to the resulting authorized_keys (actually copied directly to the authorized_keys can, but also to set the permissions to 600)

4. Under root privileges to edit sshd_config file:

[Root @ localhost .ssh] # vim / etc / ssh / sshd_config
The RSAAuthentication and PubkeyAuthentication comment cancel and modify AuthorizedKeyFile position (the position is relative to enter the user's location, rather than under the root location)

RSAAuthentication yes # Enable RSA authentication
PubkeyAuthentication yes # Enable public and private key pair authentication

# The default is to check both .ssh / authorized_keys and .ssh / authorized_keys2
# But this is overridden so installations will only check .ssh / authorized_keys
AuthorizedKeysFile .ssh / authorized_keys # public key file path (file generated above and the same)
Once configured, restart the ssh service:

[Root @ localhost .ssh] # service sshd restart
Redirecting to / bin / systemctl restart sshd.service
5. test it ~

[Root @ abctest~] # ssh node117
Last login: Tue Aug 18 07:48:58 2015
[Root @ abctest~] # exit
Connection to node117 closed.
[Root @ abctest~] # ssh node118
Last login: Tue Aug 18 07:46:59 2015 from node117
[Root @ qiang118 ~] # exit
Connection to node118 closed.
[Root @ abctest~] # ssh node119
Last login: Tue Aug 18 07:47:17 2015 from node117
[Root @ localhost ~] # exit
Connection to node119 closed.
[Root @ abctest~] # ssh node120
Last login: Tue Aug 18 07:47:39 2015 from node117
[Root @ localhost ~] # exit
Connection to node120 closed.
[Root @ abctest~] #
This is later used a non-root user to do Free password (Note that the user name of each server should be the same, proved otherwise Rom ...)

[Qiang @ abctest~] $ ssh node117
Last login: Tue Aug 18 08:59:20 2015
[Qiang @ abctest~] $ ssh node118
Last login: Tue Aug 18 08:59:27 2015 from node117
[Qiang @ qiang118 ~] $ exit
Connection to node118 closed.
[Qiang @ abctest~] $ ssh node119
Last login: Tue Aug 18 08:59:40 2015 from node117
[Qiang @ qiang119 ~] $ exit
Connection to node119 closed.
[Qiang @ abctest~] $ ssh node120
Last login: Tue Aug 18 09:00:39 2015 from node120
[Qiang @ qiang120 ~] $ exit
Connection to node120 closed.
[Qiang @ abctest~] $
Once you've created a new user, retrieve the key in the user's home directory, which is generated with the root user keys are not the same.
- LVS + Keepalived the DR mode (Server)
- Ubuntu 14.04 and derivative versions of the user install Pantheon Photos 0.1 (Linux)
- Linux environment to build next Cocos2dx-3.3.1 (Linux)
- Linux check disk parameters trapping lack amendments (Linux)
- Java-based data source database access (Programming)
- Oracle 11g statistics collection - collection of multi-column statistics (Database)
- Dual system Linux (Ubuntu) into the Windows NTFS partition's mount error (Linux)
- Linux mention the right notes (Linux)
- Basic Operation Linux files and directories (Linux)
- Smooth upgrade to OpenSSH 6.1 Procedure (Linux)
- MogileFS system installation configuration example (Server)
- Linux System Getting Started Tutorial: How to update outdated version of Ubuntu (Linux)
- Use mod_wsgi Django application deployment (Server)
- Linux group account deletion, and other related operations (Linux)
- MySQL database to open a remote connection method (Database)
- iptraf: A Practical TCP / UDP network monitoring tools (Linux)
- Json Applications of FastJson (Programming)
- CUDA (including GPU card driver) installation process under Ubuntu (Linux)
- Firewall types and instructions (Linux)
- Gitblit adopted Ticket collaborative development model (Linux)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.