Various clusters under Linux often need to configure remote password-free login. This article mainly describes the detailed process of configuring password-free login under the CentOs6.3 system.
ssh remote login, two authentications:
- Username + Password
- key verification
- Machine 1 generates a key pair and sends the public key to machine 2, and machine 2 saves the public key.
- When machine 1 wants to log in to machine 2, machine 2 generates a random string, encrypts it with machine 1's public key, and sends it to machine 1.
- Machine 1 decrypts it with the private key and sends it back to machine 2, and logs in after successful verification
1. Username + Password
As shown in the figure above, machine 1 wants to log in to machine 2
- The ip of ssh machine 2 (the root user is used to log in by default, but it can also be specified, such as: ssh [email protected] means that user a is specified to log in to machine 2)
- Ask if you need to create a connection yes
- Enter the password of the root user in machine 2 to log in to machine 2
- Enter exit to go back to machine 1
2. Remote password-free login
- Enter the command ssh-keygen
- Press Enter three times to complete the generation of the private key and public key
- Go to the /root/.ssh directory to see the private key and public key generated by the command just now
- Enter ssh-copy-id ip of machine 2
- Then enter the password of machine 2, you can transfer the public key to machine 2
- The authorized_keys file in the /root/.ssh directory of machine 2 saves the public key just passed from machine 1 (you can view it with the cat command, and compare the public key on machine 1, it is the same)
- On machine 1, directly enter the ip of ssh machine 2 to log in to machine 2 without entering the password. Since then, the configuration of remote password-free login has been completed.
Author: py xiaojie
Blog address: http://www.cnblogs.com/52mm/
This article is welcome to reprint, but this statement must be retained without the author's consent, and a link to the original text should be given in an obvious position on the article page