Of Stack

CentOS 6.5 in the SSH password free login configuration tutorial

  • 2020-05-12 06:39:59
  • OfStack

0. Show

For the sake of illustration, suppose you have two hosts, A and B, with centos6.5 installed. The goal is to enable A and B hosts to login to each other's hosts without a password through ssh. The configuration process of A host is described here.

Create a user name on the AB host for password-free login, and add the host name and ip to the /etc/hosts file.

Create a new user: useradd linuxidc

Set the password: passwd linuxidc, enter the password you want, and then su linuxidc switches users

Change the hostname: vim /etc/sysconfig/network, add hostname=master, you can see the successful modification after logging off the system

Modify the hosts file: 


vim /etc/hosts 
192.168.88.101 master 
192.168.88.102 slave1

1. Environment Settings

1.1 turn off the firewall (root permissions)

centos 6.5 is quite strict with network management. You need to shut down selinux. Go to /etc/selinux/config and change SELINUX=enforcing to SELINUX=disabled. root permissions are required. 


# su root

Password: 


$ vim /etc/selinux/config

Find SELINUX and change it to SELINUX=disable

1.2 modification of sshd profile (root permissions) 


$ vim /etc/ssh/sshd_config

Find the following and remove the comment "#" 


RSAAuthentication yes
  PubkeyAuthentication yes
  AuthorizedKeysFile .ssh/authorized_keys

1.3 restart sshd service (root permission) 


$ /sbin/service sshd restart

2. The machine generates public and private keys

Switch back from root to linuxidc for password-free login, and execute the command. 


# ssh-keygen -t rsa

By default, two files are generated in user linuxidc's home directory (~/.ssh /) :

id_rsa: the private key

id_rsa. pub: public key

Import the public key into the authentication file

3.1 import into the machine 


# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

After completing this step and modifying the relevant file permissions according to step 4, you can login to the machine without a password. You can enter the following command to verify.

ssh localhost

If you are able to log in, you have verified success.

3.2 import to the target host

3.2.1 operate on the machine and transfer to the target host 


# scp ~/.ssh/id_rsa.pub root@ The target host ip Or the host name :/home/id_rsa.pub

Note that when sending files to the target host, the root user must be used, otherwise it will be denied due to insufficient permissions. After entering the password of the target host, OK appears, which means the transfer is successful.

3.2.2 log in to the target host and import the public key into the authentication file

Log in to the target host using the username linuxidc to be logged in without a password. Then do the following. 


# cat /home/id_rsa.pub >> ~/.ssh/authorized_keys

Then follow step 4 to modify the file permissions to complete the password-free login Settings.

4. Change the permissions of relevant files 


# su root
0

At this point, complete the password-free login setup.

5. Test

A host (linuxidc @master), B host (linuxidc @slave1). On the A host, switch to linuxidc user, and perform the following command test:

ssh slave1

Related articles: