1. Problem description
Suppose there are two servers, A is the Jenkins build server, and B is the application server. The existing problem is that after A builds the application, the package is sent to the B server for publishing, and the startup command is executed? At this time, you need to use the remote "password-free" login.
2. Solution principle
Public key authentication is to use the RSA encryption algorithm to generate a pair of encrypted strings, one is called the public key, and anyone can see its content for encryption; the other is called the private key, Only the owner can see it for decryption. When using jenkins to automatically build and remotely log in to the server for publishing applications, you need to use SSH public key authentication to solve the problem of logging in to the server.
3. Operation steps
1. Use the command on the A server: cd /root/.ssh to enter the /root/.ssh directory
2. Generate a key pair in the corresponding directory on the A server. Command: ssh-keygen -t rsa -P '', after pressing Enter, two files, id_rsa (private key) and id_rsa.pub (public key), will be generated.
[root@user .ssh]# ssh-keygen -t rsa -P '' Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: c2:ce:70:bd:4c:49:00:c7:4a:e4:6e:3b:b9:e7:90:c7 [email protected] The key's randomart image is: +---[ RSA 2048]----+ | .ooo | | ..... | | ... . | | ... O . | | + + S | | . X + . | | * And the | | =. | | .O. | +-----------------+
3. Use cat id_rsa.pub (public key) to view the content and copy this command.
[root@user .ssh]# cat id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtOQDhB3jLr7MGfUPi7KjVnOIYplcfNQpYJRPfdwn8ImvqZJGiR8ZQd2GRnNQ9VoXa3hosdQbdlTydehlxqAXd3i4/jxbk/8sfbk6w62wgHUWoV3PA88BvqASZ9YLoO6euWXYAi/wi2/vcUJQhsjHdYsaTUJ59JE4zhy
DY8rsgQ3yb1Mcjyen6lnUNk/UxvdXrtmSPW2yDd4QdJ33p4BmAwGK8IBziNK2IHbdddjtQCfviCQi6HBiKdBlrOpNgk1FTkA2FsCSAt0Ec5qy+didrSZ1OZGNrN0vBLYe0Q+kD5LI4dbnmUOhwnPy4GkJ4zK42Woy/stJbnmsTfRPpwbKQ6== [email protected]
4、在B服务器上,进入目录:/root/.ssh,并执行如下命令:
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtOQDhB3jLr7MGfUPi7KjVnOIYplcfNQpYJRPfdwn8ImvqZJGiR8ZQd2GRnNQ9VoXa3hosdQbdlTydehlxqAXd3i4/jxbk/8sfbk6w62wgHUWoV3PA88BvqASZ9YLoO6euWXYAi/wi2/vcUJQhsjHdYsaTUJ59
JE4zhyDY8rsgQ3yb1Mcjyen6lnUNk/UxvdXrtmSPW2yDd4QdJ33p4BmAwGK8IBziNK2IHbdddjtQCfviCQi6HBiKdBlrOpNgk1FTkA2FsCSAt0Ec5qy+didrSZ1OZGNrN0vBLYe0Q+kD5LI4dbnmUOhwnPy4GkJ4zK42Woy/stJbnmsTfRPpwbKQ6== [email protected]' >> authorized_keys
5、如果还有其他应用服务器C,那么重复步骤4即可。
6、其他知识,在A服务器上可以使用产生的私钥登录到其他服务器,命令如下:
ssh -i id_rsa [email protected]