Of Stack

centos Configured ssh to enter a password after password free login

  • 2020-06-19 12:17:56
  • OfStack

preface

When setting up THE Linux cluster service, the master server needs to start the service of the slave server. If it is started manually, several servers in the cluster are ok. If it is like the Hadoop cluster of Ali 1000, it will take several engineers one or two days to start the cluster once. If we use secret free login, the primary server can perform the boot step programmatically, automatically helping us launch the application from the server. This is based on the password-free login of the ssh service. So to learn cluster deployment, you must understand linux's password-free login.

Step 1: Create the secret key in the native

1. Execute command: 


ssh-keygen -t rsa -C "xx@qq.com"

(Make up a random string, generally use email)

2, then 1 return will be fine; Will be generated in ~ (home) directory.ssh (hidden) folder;

3. There are two files, id_rsa(private key) and id_rsa.pub (public key)

Notes:

In liunx environment, to copy the public or private key, do not use vim and other editors to open the file to copy and paste;

Because it creates unnecessary carriage returns.

You should use cat to print the content to the terminal and then copy and paste it;

Step 2: Copy the public key to the remote host using ES43en-ES44en-ES45en 


ssh-copy-id zhangming@192.168.161.132

Copy the secret key to the remote server

The port copied in this way is Linux's default 22. If you want to specify the port, you can use:

ssh-copy-id-i/User name /.ssh/ id_ES61en. pub '-ES63en port number User name @106.75.52.44' 


ssh-copy-id -i /root/.ssh/id_rsa.pub '-p 22222 root@106.75.52.44'

It might take a while, but I've been waiting for quite a while anyway, and then it says to enter your password:

zhangming@106.75.52.44's password:

After entering the password, display:

Now try logging into the machine, with "ssh '-p 22222 root@106.75.52.44'", and check in:
.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

It's a success!

Step 3: Remote login 


[zhangming@localhost ~]$ ssh zhangming@192.168.161.134
Last login: Mon Oct 10 14:18:54 2016 from 192.168.161.135

ssh zhangming@123.59.44.56 -p 22222

Pay attention to

Big hole encountered:

After configuring ssh password-free login, you are still prompted for your password

Solutions:

The first step is to look at the system log files 


tail /var/log/secure -n 20

Find out what the problem is: Authentication refused ownership or modes for file

SSH does not want the home directory and ~/.ssh directory to have write permissions to the group 


chmod g-w /home/zhangming 
chmod 700 /home/zhangming/.ssh
chmod 600 /home/zhangming/.ssh/authorized_keys

Then we log in again, and we can access it without a password.

Are you happy?

conclusion

Reference: [http: / / blog. csdn. net/u013066244 / article/details / 52796341]

Related articles: