Server A: 192.168.1.1
Server B: 192.168.1.2
Server A:
Configuration:
ssh-keygen -b 2048 -t rsa
#Here -b 2048 is the length of the key encryption, it is better to set it larger, it is reported that there are hackers in the United States to solve the ssh key to crack.
# http://bbs.yuloo.com/thread-860154-1-1.html
Enter directly 3 times
The key file will be saved in the /root/.ssh directory
At this time, there will be several more files in .ssh
id_rsa private key file
id_rsa.pub Public key file, the contents of this file should be placed in other hosts.
View the id_rsa.pub file
cat /roor/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIcAvh6Lz9ghftghtfghSv + kSrxVLC9UDKq27mg5vhfghAaWcgFgllZhfg2DLnGotmeL / 08bp6jMW / ekSq1BY1eiouiluiliuliul2Rr84x0bB5YShhpgJwuPbwr / pymgukyukyukyuthjkiytiliunzdfkuykyuIZgVvgPTzNdN / RDwJMsafsdvgsdsfsdfdsfsdaflozStYcWjrwzYxsroDPBy4zjd0gH5zMYhj + + vS4OOAZZ8rtHEfx sTE0 = [email protected]
Server B:
Configuration:
Create new folders and files
mkdir /root/.ssh
vim /root/.ssh/authorized_keys
Copy the contents of the KEY file viewed on server A to authorized_keys on server B
The main thing is to change [email protected] to [email protected] so that it is convenient to check which server's KEY is, and there may be multiple servers' keys.
Modify the main configuration file of sshd, disable password authentication login, and use key to log in.
vim /etc/ssh/sshd_config
Find PasswordAuthentication yes
Change to PasswordAuthentication no
service sshd restart
test:
Execute on server A
The first login will require you to enter YES. See if you can log in to the B service without a password.