Welcome 微信登录
编程资源 图片资源库 蚂蚁家优选

首页 / 操作系统 / Linux / Ubuntu和CentOS如何配置SSH使得无密码登陆

在使用Hadoop的时候,一般配置SSH使得我们可以无密码登录到主机,下面分别以Ubuntu和CentOS两个平台来举例说明如何配置SSH使得我们可以无密码登录到主机,当然,你得先安装好SSH服务器,并开启(关于如何在Linux平台下安装好SSH请参加本博客的《Linux平台下安装SSH》 http://www.linuxidc.com/Linux/2014-01/94793.htm)Ubuntu配置步骤如下所示:[linuxidc@localhost ~]$ ssh-keygen -t dsa -P ""
Generating public/private dsa key pair.
Enter file in which to save the key (/home/linuxidc/.ssh/id_dsa):
Created directory "/home/linuxidc/.ssh".
Your identification has been saved in /home/linuxidc/.ssh/id_dsa.
Your public key has been saved in /home/linuxidc/.ssh/id_dsa.pub.
The key fingerprint is:
bd:2c:ed:ab:6d:a9:b2:45:88:32:08:5a:d2:d9:ad:cc linuxidc@ubuntu
The key"s randomart image is:
+--[ DSA 1024]----+
|               |
| . o .         |
|o + . .          |
|o+ o o . .     |
|o o E . S .      |
| o . o .   |
|        o +.   |
|      .. +o      |
|      .oo++.   |
+-----------------+
这样就会在linuxidc用户的/home/linuxidc/.ssh/目录下生成id_dsa和id_dsa.pub两个文件,输出如下:[linuxidc@ubuntu ~]$ cd /home/linuxidc/.ssh/
[linuxidc@ubuntu:~/.ssh]$ ls -l
total 8
-rw------- 1 linuxidc linuxidc 668 2013-10-21 02:51 id_dsa
-rw-r--r-- 1 linuxidc linuxidc 600 2013-10-21 02:51 id_dsa.pub
将id_dsa.pub里面的内容加到用于认证的公钥文件中,命令如下(注意:不要复制,一定要用cat去操作,不信你可以去试试。):[linuxidc@ubuntu:~/.ssh]$ cat id_dsa.pub >> authorized_keys
输入下面命令,如果显示如下类似的信息,就说明配置好了![linuxidc@ubuntu:~/.ssh]$ ssh localhost
The authenticity of host "localhost (::1)" can"t be established.
RSA key fingerprint is 22:9b:94:45:dc:f0:c8:02:03:b2:a1:30:d3:04:92:01.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added "localhost" (RSA) to the list of known hosts.
linux ubuntu 2.6.32-38-generic #83-Ubuntu SMP Wed Jan 4 11:12:07 UTC 2012
x86_64 GNU/linux
Ubuntu 10.04.4 LTSWelcome to Ubuntu!
 * Documentation:  https://help.ubuntu.com/242 packages can be updated.
213 updates are security updates.New release "precise" available.
Run "do-release-upgrade" to upgrade to it.The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.[linuxidc@localhost ~]$
但是实际上,很多人都没有这么顺利的,一般的问题都是文件权限设置的不对,请把.ssh和authorized_keys的访问权限分别设置为755个600(也就是只有自己对上面两个文件有写权限),命令如下:[linuxidc@localhost ~]$ chmod 755 /home/linuxidc/.ssh
[linuxidc@localhost ~]$ chmod 600 /home/linuxidc/.ssh/authorized_keys
假如这台服务器上面还有test用户,如何使得linuxidc用户能够无密码登录到test(IP地址为192.168.142.129)呢?执行下面命令[linuxidc@localhost ~]$ cat /home/linuxidc/.ssh/id_dsa.pub |
ssh test@192.168.142.129 "cat - >> ~/.ssh/authorized_keys"
之后,在linuxidc用户下执行下面命令[linuxidc@localhost ~]$ ssh test@192.168.142.129
linux ubuntu 2.6.32-38-generic #83-Ubuntu SMP Wed Jan 4 11:12:07
 UTC 2012 x86_64 GNU/linux
Ubuntu 10.04.4 LTSWelcome to Ubuntu!
 * Documentation:  https://help.ubuntu.com/240 packages can be updated.
213 updates are security updates.New release "precise" available.
Run "do-release-upgrade" to upgrade to it.Last login: Mon Oct 21 02:48:01 2013 from localhost
[test@localhost ~]$
如果出现上述类似的信息,说明成功了!登陆到test用户了。注意上面的信息只有第一次登录的时候才会显示,以后登陆只会显示下面类似的信息:[linuxidc@localhost ~]$ ssh test@192.168.142.129
Last login: Mon Oct 21 02:49:51 2013 from localhost
[test@localhost ~]$
上面是以Ubuntu平台为例子,下面来说说怎么在CentOS平台上面配置,(CentOS由于权限比Ubuntu的更加严格,所以配置起来比较麻烦),首先,我们需要设置一下/etc/ssh/sshd_config文件,请将/etc/ssh/sshd_config文件中下面三行的注释去掉:[root@localhost ~]# vim /etc/ssh/sshd_config
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys
其余的步骤和开始的一样如下所示:[linuxidc@localhost ~]$ ssh-keygen -t dsa -P ""
Generating public/private dsa key pair.
Created directory "/home/linuxidc/.ssh".
Your identification has been saved in /home/linuxidc/.ssh/dsa.
Your public key has been saved in /home/linuxidc/.ssh/dsa.pub.
The key fingerprint is:
15:57:37:f1:ee:05:26:3a:9e:e1:aa:b3:11:27:b3:1a linuxidc@localhost.localdomain
The key"s randomart image is:
+--[ DSA 1024]----+
|          . ...oo|
|         o .o|
|          . . o .|
|       . . o o |
|      + S +   o|
|     * o + ..|
|    E o +   .|
|   o.. .     |
|    . o+.        |
+-----------------+
[linuxidc@localhost ~]$ cat ~/.ssh/dsa.pub >> ~/.ssh/authorized_keys
[linuxidc@localhost ~]$ ssh localhost
The authenticity of host "localhost (127.0.0.1)" can"t be established.
RSA key fingerprint is f3:f8:0b:26:a1:8e:14:55:34:ec:cb:99:f8:70:2c:d3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added "localhost" (RSA) to the list of known hosts.
Last login: Fri Aug  9 08:39:32 2013 from 192.168.142.1
[linuxidc@localhost ~]$好了,配置完成了。相关阅读:Ubuntu 下配置 SSH服务全过程及问题解决 http://www.linuxidc.com/Linux/2011-09/42775.htmUbuntu 12.04下安装Git,SSH及出现的Permission denied解决办法 http://www.linuxidc.com/Linux/2013-06/85336.htmUbuntu 12.10下OpenSSH的离线安装方法 http://www.linuxidc.com/Linux/2013-04/82814.htmUbuntu下SSH安装或设置 http://www.linuxidc.com/Linux/2013-07/87368.htm更多CentOS相关信息见CentOS 专题页面 http://www.linuxidc.com/topicnews.aspx?tid=14Linux平台下安装SSHLinux free 命令 - 显示系统中空闲和已使用的内存相关资讯      ssh配置  SSH无密码登陆 
  • CentOS6.4之图解SSH无密码验证双向  (06月12日)
  • SSH无密码登陆权威指南  (08/29/2015 14:00:53)
  • Spark SSH配置  (01/08/2015 10:13:49)
  • Shell自动化部署批量建立用户和批  (03月07日)
  • Linux(CentOS)SSH无密码验证登陆  (06/11/2015 13:08:28)
  • 两台主机可以无需密码而直接互相登  (05/14/2014 08:54:12)
本文评论 查看全部评论 (0)
表情: 姓名: 字数