044.ssh自动登陆(无密码)
ssh自动登陆服务器,不需要输入密码,适合服务器集群间互通。
SSH被玩毁了,一些狮友的搜商已经无法搜到ssh自动登陆了 :)
@史荣久 / 2015-06-23 / CC-BY-SA-3.0
Notes
SSH Without a Password
The following steps can be used to ssh from one system to
another without specifying a password.
- The system from which the ssh session is started via the ssh command is the client.
- The system that the ssh session connects to is the server.
- These steps seem to work on systems running OpenSSH.
- The steps assume that a DSA key is being used. To use a RSA key substitute ‘rsa’ for ‘dsa’.
- The steps assume that you are using a Bourne-like shell (sh, ksh or bash)
- Some of this information came from: http://www.der-keiler.de/Mailing-Lists/securityfocus/ Secure_Shell/2002-12/0083.html
Steps:
- On the client run the following commands:
$ mkdir -p $HOME/.ssh
$ chmod 0700 $HOME/.ssh
$ ssh-keygen -t dsa -f $HOME/.ssh/id_dsa -P ''
#This should result in two files,
#$HOME/.ssh/id_dsa (private key) and
#$HOME/.ssh/id_dsa.pub (public key).
2.Copy $HOME/.ssh/id_dsa.pub to the server.
3.On the server run the following commands:
$ cat id_dsa.pub >> $HOME/.ssh/authorized_keys2
$ chmod 0600 $HOME/.ssh/authorized_keys2
#Depending on the version of OpenSSH the following
#commands may also be required:
$ cat id_dsa.pub >> $HOME/.ssh/authorized_keys
$ chmod 0600 $HOME/.ssh/authorized_keys
#An alternative is to create a link from
#authorized_keys2 to authorized_keys:
$ cd $HOME/.ssh
$ ln -s authorized_keys2 authorized_keys
4.On the client test the results by ssh’ing to the server:
$ ssh -i $HOME/.ssh/id_dsa server
5.(Optional) accept host key
for ip in $SERVER_IP; do
ssh-keygen -R $ip
ssh-keyscan -H $ip >> ~/.ssh/known_hosts
done
This allows ssh access to the server without having to specify
the path to the id_dsa file as an argument to ssh each time.
Helps:
- ssh(1)
- ssh-keygen(1)
- ssh_config(5)
题图:Secure Shell, or SSH, is a cryptographic (encrypted) network protocol. SSH is also Spring Struts Hibernate :(
