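Assume the server's IP address is 192.168.1.1 and its hostname is cluster.hpc.org.
The client's IP address is 172.16.16.1 and its hostname is p470-2.wangrx.sioc.ac.cn.
The client user yzhao needs to log in to the zhaoy account on the server over ssh without a password.
How it works
ssh login is done using a method known as "public/private key" authentication. A simple explanation of "public/private key" authentication is
Setup is as follows
1. Log in to the client machine as user yzhao and run "ssh-keygen -t rsa" on the client machine.
(Note: each run of "ssh-keygen -t rsa" produces a different private key file.)
a) If the file "~/.ssh/id_rsa" exists, you are asked whether to overwrite it. You can choose "n" to keep it and use the existing id_rsa file. If you choose "y", "~/.ssh/id_rsa" is regenerated: you are then prompted for a passphrase, press Enter to use an empty passphrase, and press Enter again to confirm (you can also enter a passphrase here, which acts as the password for ssh login). The "~/.ssh/id_rsa" and "~/.ssh/id_rsa.pub" files are then regenerated (output below).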
[yzhao@p470-2 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/disk2/yzhao/.ssh/id_rsa):
/disk2/yzhao/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /disk2/yzhao/.ssh/id_rsa.
Your public key has been saved in /disk2/yzhao/.ssh/id_rsa.pub.
The key fingerprint is:
6d:a1:17:8a:b6:d2:c0:a1:6c:66:ba:85:0b:7b:9f:0c yzhao@p470-2.wangrx.sioc.ac.cn
b) If the "~/.ssh/id_rsa" and "~/.ssh/id_rsa.pub" files do not exist, new "~/.ssh/id_rsa" and "~/.ssh/id_rsa.pub" files are created automatically; the passphrase is set in the same way as above.
[yzhao@p470-2 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/disk2/yzhao/.ssh/id_rsa):
Created directory '/disk2/yzhao/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /disk2/yzhao/.ssh/id_rsa.
Your public key has been saved in /disk2/yzhao/.ssh/id_rsa.pub.
The key fingerprint is:
54:49:ad:33:b3:ff:71:da:6d:db:78:d0:bb:6a:15:bc yzhao@p470-2.wangrx.sioc.ac.cn
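2. Log in to the server with ssh zhaoy@192.168.1.1, edit the "~/.ssh/authorized_keys" file on the server, and append the contents of the client machine's "~/.ssh/id_rsa.pub" file to "~/.ssh/authorized_keys".
(Note: this can be done from the client machine with the following command:
cat ~/.ssh/id_rsa.pub | ssh zhaoy@192.168.1.1 "cat - >> ~/.ssh/authorized_keys"
cat /root/.ssh/id_rsa.pub | ssh root@192.168.2.168 "cat - >> /root/.ssh/authorized_keys"
You will be asked for zhaoy's login password on the server; once it is entered, the contents of the client machine's "~/.ssh/id_rsa.pub" file are appended to "~/.ssh/authorized_keys" on the server.)
If this is the first connection to the server, the following prompt appears; confirm the connection and enter the password, then just press Enter at the remaining prompts.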
[yzhao@p470-2 ~]$ ssh zhaoy@192.168.1.1
The authenticity of host '192.168.1.1 (192.168.1.1)' can't be established.
RSA key fingerprint is 94:91:33:01:6b:e7:10:ae:42:ac:ea:5c:8c:bb:f1:18.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.1' (RSA) to the list of known hosts.
zhaoy@192.168.1.1's password:
Last login: Fri Dec 21 17:41:38 2007 from 172.16.16.1
Rocks 4.2.1 (Cydonia)
Profile built 03:58 21-Jun-2007
Kickstarted 12:25 21-Jun-2007
Rocks Frontend Node - Our Cluster Cluster
It doesn't appear that you have set up your ssh key.
This process will make the files:
/home/zhaoy/.ssh/id_rsa.pub
/home/zhaoy/.ssh/id_rsa
/home/zhaoy/.ssh/authorized_keys
Generating public/private rsa key pair.
Enter file in which to save the key (/home/zhaoy/.ssh/id_rsa):
Created directory '/home/zhaoy/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/zhaoy/.ssh/id_rsa.
Your public key has been saved in /home/zhaoy/.ssh/id_rsa.pub.
The key fingerprint is:
7e:f6:ab:b0:79:70:cb:c9:f7:40:37:aa:10:4d:4a:ac zhaoy@cluster.hpc.org
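3. If an empty passphrase was used in step 1, step 4 can be skipped: the client can now run "ssh zhaoy@192.168.1.1" and log in to the server without a password. If a passphrase was set in step 1, continue with the following step.
4. If a passphrase was set in step 1, you now need to enter that passphrase to log in to the server. So far we have only replaced entering a password with entering a passphrase, which brings no convenience. However, we can use ssh-agent to enter the passphrase for us automatically (it only looks like automatic entry): we enter the passphrase once at the first login and leave the rest to ssh-agent. Run the command ssh-add on the client machine; it prompts for the passphrase once. After the passphrase set in step 1 is entered, the "~/.ssh/id_rsa" file is modified. Then run "ssh zhaoy@192.168.1.1" on the client to log in to the server without a password.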
[yzhao@p470-2 ~]$ ssh-add
Enter passphrase for /disk2/yzhao/.ssh/id_rsa:
Identity added: /disk2/yzhao/.ssh/id_rsa (/disk2/yzhao/.ssh/id_rsa)
[yzhao@p470-2 ~]$ ssh zhaoy@192.168.1.1
Last login: Fri Dec 21 17:55:38 2007 from 172.16.16.1
Rocks 4.2.1 (Cydonia)
Profile built 03:58 21-Jun-2007
Kickstarted 12:25 21-Jun-2007
Rocks Frontend Node - Our Cluster Cluster
[zhaoy@cluster ~]$
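A hardened form of the append in step 2, as an added example that is not part of the original page: run on the server as zhaoy, it creates ~/.ssh if it is missing, sets the 700/600 permissions that sshd's StrictModes check expects, refuses a private key file, and skips a key that is already listed. The function name install_pubkey and its two arguments are assumptions made for this example.

```shell
#!/bin/sh
# install_pubkey PUBKEY_FILE [SSH_DIR]   (hypothetical helper, not from the page)
# Safer replacement for: cat - >> ~/.ssh/authorized_keys
install_pubkey() {
    pub=$1
    dir=${2:-$HOME/.ssh}
    auth=$dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Refuse private key material, e.g. id_rsa passed instead of id_rsa.pub.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub looks like a private key" >&2
        return 2
    fi

    # Expect exactly one line that starts with a public key type.
    [ "$(grep -c '' "$pub")" -eq 1 ] || { echo "expected one key line" >&2; return 3; }
    key=$(cat "$pub")
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a public key line" >&2; return 3 ;;
    esac

    # With StrictModes (the sshd default) authorized_keys is ignored when the
    # directory or file is writable by group or others, so create both
    # under a tight umask and then set the modes explicitly.
    (umask 077; mkdir -p "$dir" && touch "$auth") || return 4
    chmod 700 "$dir" && chmod 600 "$auth" || return 4

    # Append only if this exact line is not already present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}
```

Copy id_rsa.pub to the server first (for example with scp), then call install_pubkey id_rsa.pub from the zhaoy account.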