CentOS 7设置无密码SSH登录教程
centos7配置SSH免密码登录
最近因为备份需要配置机器之间可以ssh免密码登录,之前也没有做过就看下网上的教程 结果看的稀碎 写的乱七八糟 参考这个centos免密码登录authorized_keys需要600权限 写下自己从头开始配置的步骤和经过。
需求 :A机器想要ssh登录到B机器上。
SSH原理学习Hadoop第五课(配置ssh免密码登陆配置和ssh原理):
A就是客户端 B就是服务器首先要在客户端A上操作如下:
配置ssh配置文件
[root@localhost mysql]# vim /etc/ssh/sshd_config
将这三个配置打开 并进行对应的配置 全为yes
重启ssh服务
[root@localhost mysql]# systemctl status sshd.service
sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: active (running) since 三 2018-10-10 15:20:32 CST; 2 weeks 6 days ago
Main PID: 1263 (sshd)
CGroup: /system.slice/sshd.service
└─1263 /usr/sbin/sshd -D
10月 25 15:47:57 localhost.localdomain sshd[20598]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
...
配置ssh服务开机自启动
[root@localhost mysql]# systemctl enable sshd.service
在A客户端上生成公钥和私钥:
[root@localhost mysql]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
...
拷贝及配置方案1:
ssh-copy-id -i ~/.ssh/id_rsa.pub root@要拷贝到的机器ip
输入远程机器密码,即可完成ssh配置。
拷贝及配置方案2
拷贝公钥到B机器上
方式2:
[root@localhost .ssh]# scp /root/.ssh/id_rsa.pub root@192.168.1.1:/root/id_rsa.pub
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.1' (ECDSA) to the list of known hosts.
root@192.168.1.1's password:
id_rsa.pub 100% 408 0.4KB/s 00:00
这里两点说明
1.关于scp /root/.ssh/id_rsa.pub root@192.168.1.1:/root/id_rsa.pub中 /root/.ssh/id_rsa.pub就是刚才生成密匙默认存放的文件夹 Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub.生成密匙的时候也有提示信息输出 。 root@192.168.1.1:/root/id_rsa.pub部分就是B机器的 root@192.168.1.1 账户和ip ,:/root/id_rsa.pub就是放在/root路径下 文件名字叫id_rsa.pub
2.这里因为还没有配置完成 所以scp的时候还是要输入B服务器的密码的
至此 A客户端的配置就结束了,下面进行B服务端的配置:
B机器上配置ssh配置文件
[root@localhost mysql]# vim /etc/ssh/sshd_config
将这三个配置打开 并进行对应的配置 全为yes
创建 /root/.ssh/authorzied_keys文件夹
没有任何sshc操作的机器在root下是没有.ssh/authorzied_keys文件夹的
[root@localhost ~]# mkdir .ssh
[root@localhost ~]# cd .ssh
[root@localhost .ssh]# ls
[root@localhost .ssh]# mkdir authorzied_keys
[root@localhost .ssh]# ls
authorzied_keys
文件夹创建完成。
将从A机复制的id_rsa.pub添加到.ssh/authorzied_keys文件里
[root@localhost .ssh]# cd
[root@localhost ~]# cat id_rsa.pub >> .ssh/authorized_keys
authorized_keys 文件夹权限修改 600
[root@localhost ~]# chmod 600 .ssh/authorized_keys
至此B机器上的配置也完成了,现在就可以用 ssh 192.168.1.1登录B服务器了。