CentOS 6.5 in the SSH password free login configuration tutorial
- 2020-05-12 06:39:59
- OfStack
0. Show
For the sake of illustration, suppose you have two hosts, A and B, with centos6.5 installed. The goal is to enable A and B hosts to login to each other's hosts without a password through ssh. The configuration process of A host is described here.
Create a user name on the AB host for password-free login, and add the host name and ip to the /etc/hosts file.
Create a new user: useradd linuxidc
Set the password: passwd linuxidc, enter the password you want, and then su linuxidc switches users
Change the hostname: vim /etc/sysconfig/network, add hostname=master, you can see the successful modification after logging off the system
Modify the hosts file:
vim /etc/hosts
192.168.88.101 master
192.168.88.102 slave1
1. Environment Settings
1.1 turn off the firewall (root permissions)
centos 6.5 is quite strict with network management. You need to shut down selinux. Go to /etc/selinux/config and change SELINUX=enforcing to SELINUX=disabled. root permissions are required.
# su root
Password:
$ vim /etc/selinux/config
Find SELINUX and change it to SELINUX=disable
1.2 modification of sshd profile (root permissions)
$ vim /etc/ssh/sshd_config
Find the following and remove the comment "#"
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
1.3 restart sshd service (root permission)
$ /sbin/service sshd restart
2. The machine generates public and private keys
Switch back from root to linuxidc for password-free login, and execute the command.
# ssh-keygen -t rsa
By default, two files are generated in user linuxidc's home directory (~/.ssh /) :
id_rsa: the private key
id_rsa. pub: public key
Import the public key into the authentication file
3.1 import into the machine
# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
After completing this step and modifying the relevant file permissions according to step 4, you can login to the machine without a password. You can enter the following command to verify.
ssh localhost
If you are able to log in, you have verified success.
3.2 import to the target host
3.2.1 operate on the machine and transfer to the target host
# scp ~/.ssh/id_rsa.pub root@ The target host ip Or the host name :/home/id_rsa.pub
Note that when sending files to the target host, the root user must be used, otherwise it will be denied due to insufficient permissions. After entering the password of the target host, OK appears, which means the transfer is successful.
3.2.2 log in to the target host and import the public key into the authentication file
Log in to the target host using the username linuxidc to be logged in without a password. Then do the following.
# cat /home/id_rsa.pub >> ~/.ssh/authorized_keys
Then follow step 4 to modify the file permissions to complete the password-free login Settings.
4. Change the permissions of relevant files
# su root
0
At this point, complete the password-free login setup.
5. Test
A host (linuxidc @master), B host (linuxidc @slave1). On the A host, switch to linuxidc user, and perform the following command test:
ssh slave1