SSH 登入免密碼設定
作業系統:Debian 6
連線SSH登入不用輸入密碼的設定,是為了方便排程 Rsync 備份作業。設定過程和原理如同準備兩份鑰匙,一把交給對方保管,將來登門拜訪時拿鑰匙識別通關。這些「鑰匙」在網路世界裡,就是一長串英文字母與數字的組合,而製作鑰匙的工具則是 Linux「ssh-keygen」指令。
連線端建立金鑰
執行「ssh-keygen」指令建立金鑰,首次執行需按三次Enter。
Generating public/private rsa key pair.
Enter file in which to save the key (/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /user/.ssh/id_rsa.
Your public key has been saved in /user/.ssh/id_rsa.pub.
The key fingerprint is:
33:4f:4f:08:c3:4a:f1:5b:e0:dd:96:96:f9:8d:6a:53 user@hostname
確認私鑰與公鑰兩個檔案已建立:
ls -al ~/.ssh
drwx------ 2 user user 4096 2011-03-01 13:55 .
drwx------ 5 user user 4096 2011-03-01 13:52 ..
-rw------- 1 user user 1679 2011-03-01 13:55 id_rsa
-rw-r--r-- 1 user user 394 2011-03-01 13:55 id_rsa.pub
不放心的話就都改成「600」的權限吧!
vi ~/.ssh/id_rsa.pub
檢視公鑰檔案會看到一串字碼,如:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ...... 6GkPLPGndut4+rcVB.....AkRItZ9tkx user@hostname
選取複製這些資料。
登入SSH伺服器後貼上前面暫存的公鑰檔案內容
vi ~/.ssh/authorized_keys
「authorized_keys」檔案可能不存在,直接編輯存檔即可。
OK !
連線SSH登入不用輸入密碼的設定,是為了方便排程 Rsync 備份作業。設定過程和原理如同準備兩份鑰匙,一把交給對方保管,將來登門拜訪時拿鑰匙識別通關。這些「鑰匙」在網路世界裡,就是一長串英文字母與數字的組合,而製作鑰匙的工具則是 Linux「ssh-keygen」指令。
連線端建立金鑰
執行「ssh-keygen」指令建立金鑰,首次執行需按三次Enter。
Generating public/private rsa key pair.
Enter file in which to save the key (/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /user/.ssh/id_rsa.
Your public key has been saved in /user/.ssh/id_rsa.pub.
The key fingerprint is:
33:4f:4f:08:c3:4a:f1:5b:e0:dd:96:96:f9:8d:6a:53 user@hostname
確認私鑰與公鑰兩個檔案已建立:
ls -al ~/.ssh
drwx------ 2 user user 4096 2011-03-01 13:55 .
drwx------ 5 user user 4096 2011-03-01 13:52 ..
-rw------- 1 user user 1679 2011-03-01 13:55 id_rsa
-rw-r--r-- 1 user user 394 2011-03-01 13:55 id_rsa.pub
不放心的話就都改成「600」的權限吧!
vi ~/.ssh/id_rsa.pub
檢視公鑰檔案會看到一串字碼,如:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ...... 6GkPLPGndut4+rcVB.....AkRItZ9tkx user@hostname
選取複製這些資料。
登入SSH伺服器後貼上前面暫存的公鑰檔案內容
vi ~/.ssh/authorized_keys
「authorized_keys」檔案可能不存在,直接編輯存檔即可。
OK !
Information and Links
Join the fray by commenting, tracking what others have to say, or linking to it from your blog.
