Linux RSA SSH passwordless login

There are two Linux servers in the system, server A (192.168.0.12) and server B (192.168.0.6). The goal is to connect from server A directly to server B over SSH without entering a password.

 

1. Generate public and private keys

Generate the public and private keys on server A, which acts as the client. The command is as follows:

ssh-keygen -t rsa -f ~/.ssh/id_rsa
  

-b: specify the key length;
-e: read an OpenSSH private or public key file;
-C: add a comment;
-f: specify the file name used to save the key;
-i: read an unencrypted SSH-v2 compatible private/public key file, then display the OpenSSH compatible private/public key on standard output;
-l: display the fingerprint of the public key file;
-N: provide a new passphrase;
-P: provide the (old) passphrase;
-q: silent mode;
-t: specify the type of key to create.

 

After the command completes, the id_rsa and id_rsa.pub files are generated in the ~/.ssh/ directory.

 

2. Copy the ~/.ssh/id_rsa.pub file generated on server A to the ~/.ssh/ directory of any user on server B

Note: If the .ssh folder does not exist in the user's home directory on server B, create it manually (mkdir .ssh) and set its permissions to 700 (chmod 700 .ssh). This is a key point: other permissions will not work.

After copying id_rsa.pub to the ~/.ssh/ directory on server B, execute the following commands in the ~/.ssh/ directory:

cat id_rsa.pub >> authorized_keys
chmod 644 authorized_keys

This creates the authorized_keys file and sets its permissions to 644. The permissions of the authorized_keys file must be set to 644; other permissions will not work (this is exactly the pit I fell into).

 

3. After completing the steps above, connect from server A to server B over SSH. The connection command is as follows:

        ssh -p 23 xxxxx@192.168.0.6

        Here -p specifies the connection port and xxxxx is the SSH login username.

 

If a password is still required to connect successfully, please check the following:

1. Whether the firewalls on server A and server B have been turned off (service iptables status)

2. Check whether the permissions on the ~/.ssh folder on server B are 700

3. Check whether the permissions on the ~/.ssh/authorized_keys file on server B are 644

4. After the first successful connection, a known_hosts file is generated under the ~/.ssh/ folder, which records the information from that first connection. Delete the entry for the corresponding IP and then connect again.
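
The permission checks in items 2 and 3 can be scripted. The following is an added example, not part of the original post: with its default StrictModes setting, sshd ignores authorized_keys when the home directory, ~/.ssh or the file itself is writable by group or others, and the ssh client refuses a private key that group or others can access. The function names are made up for this sketch, and file ownership, which sshd also checks, is not covered.

```shell
#!/bin/sh
# Added example (not from the original post): report the permission problems
# that make sshd ignore authorized_keys, so the login falls back to a password.
# Function names are made up for this sketch.

# mode_of PATH -> 10-character mode string from ls, e.g. drwx------
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# loose PATH -> success if PATH is writable by group or others.
loose() {
    case "$(mode_of "$1")" in
        ?????w*|????????w*) return 0 ;;
    esac
    return 1
}

# check_ssh_perms HOME_DIR -> run on server B; returns 0 only if the home
# directory, .ssh and authorized_keys all exist and none of them is loose.
check_ssh_perms() {
    rc=0
    for p in "$1" "$1/.ssh" "$1/.ssh/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "MISSING $p"; rc=1
        elif loose "$p"; then
            echo "LOOSE   $(mode_of "$p") $p (group/other writable)"; rc=1
        else
            echo "OK      $(mode_of "$p") $p"
        fi
    done
    return $rc
}

# private_key_exposed KEYFILE -> run on server A; success if group or others
# have any access to the private key, which makes the ssh client refuse it.
private_key_exposed() {
    [ "$(mode_of "$1" | cut -c5-10)" != "------" ]
}

# Usage: sh check.sh /home/someuser   (the path is a placeholder)
if [ $# -gt 0 ]; then
    check_ssh_perms "$1"
fi
```

The 700 and 644 modes used in the steps above pass this check.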

 

 

 

 

 

 
