CentOS 6/7 SSHパスワードフリーでログイン
8069 ワード
私たちは4台のサーバーでテストをして、IPはそれぞれ
A:192.168.1.211
B:192.168.1.212
C:192.168.1.213
D:192.168.1.214
4台のコンピュータで同時に操作
CentOS 6はここまでで操作済み、CentOS 7はsshd_を配置する必要がありますconfigファイルとファイルとディレクトリへの権限の付与
では、ここで4台のパソコン間のSSHのパスワード免除アクセスを完了しました.
A:192.168.1.211
B:192.168.1.212
C:192.168.1.213
D:192.168.1.214
4台のコンピュータで同時に操作
ssh-keygen -t rsa
は3回連続で車に戻り、システムは/root/.ssh/次は公開鍵と秘密鍵を生成する[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
89:1d:2d:8f:a9:a8:5a:db:d2:eb:77:d1:ba:fd:d5:02 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
| |
| . |
| o . |
| o B |
| . S.. E |
| . .. . . . |
| ... . o o .|
| ..+. . o. . . |
|..oo+o ...... |
+-----------------+
[root@localhost ~]#
B、C、Dの3台のコンピュータの公開鍵をAに送信し、上書きしないように名前を変更します.[root@localhost ~]# scp /root/.ssh/id_rsa.pub 192.168.1.211:/root/.ssh/id_rsa.pub2
The authenticity of host '192.168.1.211 (192.168.1.211)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.211' (RSA) to the list of known hosts.
[email protected]'s password:
id_rsa.pub 100% 408 0.4KB/s 00:00
[root@localhost ~]#
[root@localhost ~]# scp /root/.ssh/id_rsa.pub 192.168.1.211:/root/.ssh/id_rsa.pub3
The authenticity of host '192.168.1.211 (192.168.1.211)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.211' (RSA) to the list of known hosts.
[email protected]'s password:
id_rsa.pub 100% 408 0.4KB/s 00:00
[root@localhost ~]#
[root@localhost ~]# scp /root/.ssh/id_rsa.pub 192.168.1.211:/root/.ssh/id_rsa.pub4
The authenticity of host '192.168.1.211 (192.168.1.211)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.211' (RSA) to the list of known hosts.
[email protected]'s password:
id_rsa.pub 100% 408 0.4KB/s 00:00
[root@localhost ~]#
送信が完了したら、Aの/root/.を確認します.ssh/ディレクトリ[root@localhost ~]# ll /root/.ssh/
total 20
-rw------- 1 root root 1675 Oct 9 15:18 id_rsa
-rw-r--r-- 1 root root 408 Oct 9 15:18 id_rsa.pub
-rw-r--r-- 1 root root 408 Oct 9 15:21 id_rsa.pub2
-rw-r--r-- 1 root root 408 Oct 9 15:22 id_rsa.pub3
-rw-r--r-- 1 root root 408 Oct 9 15:22 id_rsa.pub4
[root@localhost ~]#
は、自分自身の公開鍵と秘密鍵のほかに、B、C、Dから送られてきた公開鍵が3つも増えていることを見ることができる.次に、Aパソコンに4つの公開鍵をauthorizedに書き込みます.keysファイル[root@localhost ~]# cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
[root@localhost ~]# cat /root/.ssh/id_rsa.pub2 >> /root/.ssh/authorized_keys
[root@localhost ~]# cat /root/.ssh/id_rsa.pub3 >> /root/.ssh/authorized_keys
[root@localhost ~]# cat /root/.ssh/id_rsa.pub4 >> /root/.ssh/authorized_keys
[root@localhost ~]#
書き込み完了authorizedを確認してください.keysファイルに内容があるかどうか[root@localhost ~]# cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6Y6cL086xfqj1VFnVeNeGxDtakT6yXbPphMUSgVdICKRfQEsZdbuqx3CpZ7AsxzGqtjqusfcE0wkZHTpB9+w2ewwyqzLEesGQke3MU+ppeKeRTVmuVaeZ/+p0ivKECX3C0eFPZmxXg/Tp35UzM09fGuHTVT6PQ+NNml3A7BIXLu9aZ6V0H9VGgbtjdvBGdmpx8COwhSaatZOMRY+zHXJtynpudFYclnqefwTTYB7EsIhkf8lEQZPqLfjyX2XPp3V5gGrvPda/VlkBQRCKaF5zqlg024e1Wf9bYPgSLh+R+XxWQzTlBrG9ayvMkdMHb2DOUNYnnspt9I4jxPazra3aQ== [email protected]
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3h2kkCOzvYcHnSy03DiW7phqQ4SxNnuV7qiKcXgMDi56pL23vrAiPDraeyn6zRgtwwSPS47ZbtQ7hgUEVZ8MNzcu4JIBW/QEPuGFA2rX9n19h9e1TCvVxlC2zRAgQs/8lUBTXO+63Ua/W1GeKOxOLUiLBPLmHOkhFkngVpzaFWrqj/YhgqQ+hemDUmrNkDCs3EBIBoF8QAH0z3mCr0pMVv8HEFFvwS4tSnwJDvh+86/tFUwzO/6uUa4hY/XvF/IhVUiB39zKFLdKxU5K03ZzTHMLxbzeUKLwY0uOLoP+9lzwj08EUjmYkyQgXaT3ZKM9m8RoBMGvcRnos0jl/By2OQ== [email protected]
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvUnnRJ0W9HNY655XMk1nUnSqQHmNNurTUfOGehEJG/lWaqYgbtxzxw2WA4+76rvMJ/Reqi6c5kc/K3sE0Qz8MoCFbItG5ROFjSieS7TyBi/351bVcsIhcC4JmltJx73dt9eQSdVJlN4eVVqSqPs9TK6YpnydA3AGmcZCCpVLESuzj7geXzMO16m+un/4OfQFFlcIcT5m/6zP1C/XiljFwlTD6v/8UFDlm4a7yXOrm+1mF6GjEifOiPGPVILOv6PlCrM21Z0yeh/sTJ36308LjGwuk+4qFzY+X0o+hP7Q1jEJjnETOnCSIttUdMzBwclVonKBAPOxqY1g+UCy6Plfdw== [email protected]
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvO4L3lAycE6sXb+60s5KDtzLAoY6XwxpBKM6rIz2aX/qYOZBVDfqZYIRI7V03xVudfcuaPab8tUEnReXYsn6o9OX5WmBxu94Uu6SaiQmD7PvVNdV8wScsyd4lB6rkxne436A53d7TYH3IugDmdnaI8fXEv60BUQMPcbpwyxaCwzRqISglj2iog8LfV3yGfJed/cGp8RvgcToDNYbK2Q+ZVgZHiiHQcGpxbHmTRtavGtA6nFBs6K+l7XzfwvN7f/yL++6z/DjDMwuoHHIGY2Uhn5YCbDTppU1aRjXTvp/eOWg3x1BYiI2gHqqpOaDVSYZsNgp79Pu1CnyGFQeu2luhQ== [email protected]
[root@localhost ~]#
次にauthorizedを生成します.keysファイルはB、C、D各パソコンに入れます[root@localhost ~]# scp /root/.ssh/authorized_keys 192.168.1.212:/root/.ssh/
The authenticity of host '192.168.1.212 (192.168.1.212)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.212' (RSA) to the list of known hosts.
[email protected]'s password:
authorized_keys 100% 1632 1.6KB/s 00:00
[root@localhost ~]# scp /root/.ssh/authorized_keys 192.168.1.213:/root/.ssh/
The authenticity of host '192.168.1.213 (192.168.1.213)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.213' (RSA) to the list of known hosts.
[email protected]'s password:
authorized_keys 100% 1632 1.6KB/s 00:00
[root@localhost ~]# scp /root/.ssh/authorized_keys 192.168.1.214:/root/.ssh/
The authenticity of host '192.168.1.214 (192.168.1.214)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.214' (RSA) to the list of known hosts.
[email protected]'s password:
authorized_keys 100% 1632 1.6KB/s 00:00
[root@localhost ~]#
CentOS 6はここまでで操作済み、CentOS 7はsshd_を配置する必要がありますconfigファイルとファイルとディレクトリへの権限の付与
sudo vim /etc/ssh/sshd_config
次の2行を放して、#を取り除けばいいです.RSAAuthentication yes
PubkeyAuthentication yes
保存終了後、.sshディレクトリauthorized_keys賦権chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
では、ここで4台のパソコン間のSSHのパスワード免除アクセスを完了しました.
[root@localhost ~]# ssh 192.168.1.211
Last login: Mon Oct 9 15:08:18 2017 from 192.168.1.40
[root@localhost ~]#
sshでログインしてからlogoutコマンドでログインできます[root@localhost ~]# logout
Connection to 192.168.1.211 closed.
[root@localhost ~]#
はい、これはここまでです.何か質問があれば、皆さんの伝言を歓迎します.