|
1. Generate an access key pair
2. Log in to the remote host using password, and copy the public key 3. Done Generate an access key pair Execute the command ssh-keygen -t rsa The results are as follows: charles@mac:~ > ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/Users/charles/.ssh/id_rsa): Created directory ‘/Users/charles/.ssh’. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/charles/.ssh/id_rsa. Your public key has been saved in /Users/charles/.ssh/id_rsa.pub. The key fingerprint is: c8:4b:85:87:90:7c:1a:67:b6:71:f5:51:0c:9d:a2:89 charles@TCMBP.local The key’s randomart image is: +–[ RSA 2048]—-+ | … .. o=.. | | +.*o. …+ | | Bo+o. o.. | | …+E o | | + S | | . . | | . | | | | | +—————–+ Note: When the enter passphrase prompt pops up, do not enter it. Otherwise, you are setting a password to protect the private key, and you will still have to enter the password at login. After this step, you will find the access key pair which was just generated in cd ~/.ssh, of which id_rsa is the private key, and id_rsa.pub is the public key. Next, you need to copy the public key to the target host. Copy the public key to the target host Log in to the target host using SSH, and then go to the cd ~/.ssh directory. If the directory does not exist, create it using mkdir -p ~/.ssh. You can operate under the home directory of the account which you will use to log in to the host. If you want to achieve password-less login to root, you need to operate under /root. It's better to use ~, nothing else. After the .ssh directory is generated, go to the directory, and then transfer id_rsa.pub using the scp command, which involves a major operation, that is, writing the contents of id_rsa.pub file into a file named authorized_keys. If the .ssh directory and authorized_keys file exist under the corresponding user name of the target host, you should be careful, because someone else may also have made password-less login settings, so you should be careful not to overwrite their settings. If not, create touch ~/.ssh/authorized_keys file, execute cat id_rsa.pub >> authorized_keys, and write your public key into authorized_keys. There is one single line of information in the public key file .pub, and the above command is virtually to add that line of information to the last line of the authorized_keys file. If the .ssh directory was created just now on your host, you may need to change permissions of the directory to a lower level using chmod -R 0600 ~/.ssh. Thus far, the settings are done, and you can log out, and try it on your own host. After that, you will be able to log in to the host without password after typing the SSH command. |
|
