CentOS6.5配置ssh免密碼登入並解決仍然需要輸入密碼的問題
阿新 • • 發佈:2019-01-08
一、準備工作
id_rsa :私鑰
id_rsa.pub :公鑰
2.生成公鑰認證檔案,並更改許可權
1. 開啟本機的ssh的配置檔案
sudo vi /etc/ssh/sshd_config
把以下內容的行刪除註釋符號“#”RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
2. 然後重新啟動sshd的服務service sshd restart
3. 由於CentOS6.5對於網路的管理相對較於嚴格,所以需要修改下安全配置,即關閉selinux[[email protected] ~]vi /etc/selinux/config
修改以下內容:4.附加:如果您的centos安裝好之後不能上網,即ping baidu.com時提示connect network is unreachable,很有可能是DHCP的問題,是要輸入 sudo dhclient 就可以了。將 SELINUX=enforcing 修改為 SELINUX=disabled
二、配置SSH免密碼登入
1. 生成公鑰和私鑰(只要一路回車就可以了)
[[email protected] ~]ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/usera/.ssh/id_rsa):
Created directory '/home/usera/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/usera/.ssh/id_rsa.
Your public key has been saved in /home/usera/.ssh/id_rsa.pub.
The key fingerprint is:
39:f2:fc:70:ef:e9:bd:05:40:6e:64:b0:99:56:6e:01 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
| Eo* |
| @ . |
| = * |
| o o . |
| . S . |
| + . . |
| + . .|
| + . o . |
| .o= o. |
+-----------------+
預設在 ~/.ssh目錄生成兩個檔案:id_rsa :私鑰
id_rsa.pub :公鑰
2.生成公鑰認證檔案,並更改許可權
$cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
[[email protected] ~]$chmod 700 ~/.ssh/
[[email protected] ~]$chmod 600 ~/.ssh/authorized_keys
3.將生成的公鑰認證檔案複製到其他節點機器[[email protected] ~]$scp ~/.ssh/id_rsa.pub [email protected]:/home/id_rsa.pub
[[email protected] ~]$scp ~/.ssh/id_rsa.pub [email protected]:/home/id_rsa.pub
4.附加:若用過以上方法,輸入 ssh localhost 還是需要提示輸入密碼,這個時候就試試以下方法,通過在每臺節點上執行ssh-copy-id的命令,將生成的公鑰自動新增到authorized_keys中。[[email protected] ~]$ cd ~/.ssh
[[email protected] .ssh]$ ssh-copy-id -i id_rsa.pub "-p 22 [email protected]"
[[email protected] .ssh]$ ssh-copy-id -i id_rsa.pub "-p 22 [email protected]"
若出現以下資訊則代表複製成功!Now try logging into the machine, with "ssh '-p 22 [email protected]'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
然後在測試ssh localhost ,免密成功!