SSH password-free login configuration under CentOS

Rough process:

1. Create a pair of key files on the client, including the public key file (~/.ssh/id_rsa.pub) and the private key file (~/.ssh/id_rsa).

2. Put the public key on the server On (~/.ssh/authorized_keys), when using ssh to log in, the ssh program will send the private key to match the public key on the server. If the match is successful, you can log in without a password.

Preparations

(root privilege): 1. Check whether ssh is installed

# rpm -qa | grep ssh

If installed, the display is as follows:

openssh-clients-5.3p1-81.el6.x86_64
openssh-5.3p1 -81.el6.x86_64
openssh-server-5.3p1-81.el6.x86_64
libssh2-1.2.2-7.el6_2.3.x86_64

2. If not installed, install ssh

# yum install -y openssh-server openssh-clients

3. Verify that the installation is successful

# ssh -V

4. Modify the ssh configuration

  Use root login to modify the configuration file: /etc/ssh/sshd_config, remove the following comments, as follows:

  Port 22

  HostKey /etc/ssh/ssh_host_rsa_key
  HostKey /etc/ssh /ssh_host_dsa_key

  RSAAuthentication yes
  PubkeyAuthentication yes
  AuthorizedKeysFile .ssh/authorized_keys

  IgnoreRhosts yes

5. Restart the ssh service

# service sshd restart

Create a common user:

1. Create a user

# useradd hadoop

2. Set a password

# passwd hadoop

3. Switch to a common user

# su - hadoop


configure SSH :

1. Generate public key and private key

# ssh-keygen -t rsa

# cd .ssh

# ls

generate two files in the .ssh directory:
id_rsa : private key
id_rsa.pub : public key


2. Import the public key into the authentication file, Change the authority to

   switch to root user

   # su - root

   2.1 Import the machine

       According to the value of the AuthorizedKeysFile item in the configuration file /etc/ssh/sshd_config: .ssh/authorized_keys, the public key needs to be imported into this file to realize verification

       # cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys 

       # chmod 600 authorized_keys

   2.2 Import the server for password-free login
       First copy the public key to the server

       # scp ~/.ssh/id_rsa.pub xxx@host :/home/id_rsa.pub 
      
       Then, import the public key into the authentication file (this step is done on the server)

       #cat /home/id_rsa.pub >> ~/.ssh/authorized_keys

       Note: if you want each All machines need password-free login, then add the public key generated by each machine to the authorized_keys file


    2.3 Change permissions on the server
       # chmod 700 ~/.ssh
       # chmod 600 ~/.ssh/authorized_keys 



Note:
1) .ssh directory Permissions must be 700
2) .ssh/authorized_keys file permissions must be 600