ssh配置
主机A:10.0.5.199
主机B:10.0.5.198
需要配置主机A无密码登录主机A,主机B
先确保所有主机的防火墙处于关闭状态。
SSh配置的准备工作:
1、确认主机A的sshd的配置文件(需要root权限)
$ gedit /etc/ssh/sshd_config
找到以下内容,并去掉注释符”#“
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
2、如果修改了配置文件需要重启sshd服务 (需要root权限)
$ /sbin/service sshd restart
配置SSH无密码登录需要3步:
1.生成公钥和私钥
2.导入公钥到认证文件,更改权限
3.测试
在主机A上生成公钥私钥:
[root@client ~]# ssh -keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
c6:66:93:16:73:0b:bf:46:46:28:7d:a5:38:a3:4d:6d root@client
The key's randomart image is:
+--[ RSA 2048]----+
| . |
| . + o |
| . @ E |
| * & . |
| . S = |
| = + . |
| o |
| . |
| |
+-----------------+
默认会生成到 ~/.ssh/id_rsa文件中 下:
[root@client ~]# ls -l ~/.ssh
total 8
-rw-------. 1 root root 1675 Jul 27 15:01 id_rsa
-rw-r--r--. 1 root root 406 Jul 27 15:01 id_rsa.pub
设置权限:
chmod 700 ~/.ssh && chmod 600 ~/.ssh/*
拷贝到服务器上
[root@client ~]# ssh root@server 'mkdir -p /root/.ssh'
[root@client ~]# scp /root/.ssh/id_rsa.pub root@server:/root/.ssh/authorized_keys
[root@client ~]# ssh root@server 'chmod 700 /root/.ssh && chmod 600 /root/.ssh/*'
安装必要组件
[root@client ~]# ssh root@server 'yum install openssh-clients'
最重要的一步,如果服务端开了 selinux, 则必须修改 .ssh 的权限,不做这一步,上面做的再好也登录不了。
[root@client ~]# ssh root@server 'restorecon -R -v /root/.ssh'
搞定收工~
from:http://www.cnblogs.com/shengshuai/archive/2012/08/22/centos6_ssh_passwordless.html
