不用密码SSH登录远程服务器

Step 1 of 2 : On local machine: Generate Authentication Keys

Authentication keys are a pair of private and public keys. Your public key is also a 2-3 lines long gibberish word. The public key is like your login and becomes your identity. Your private key are like your password, but much longer that a regular password. You can generate your public and private keys by typing the following command:

ssh-keygen -t rsa

ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/vineetmanohar/.ssh/id_rsa):

Accept the default choice. Hit enter .

Enter passphrase (empty for no passphrase):
Enter same passphrase again:

Hit enter twice . A passphrase encrypts your private key so that no one can see it. However, you cannot encrypt your private key if you want a password-less login.

The key fingerprint is:
5e:26:52:34:a1:22:18:68:11:11:7d:8d:c6:d5:4b:bf vineetmanohar@vineetmanohr.com

What just happened?

On your local server you just created 2 files in your ~/.ssh directory.

cd ~/.ssh

ls -l

 cd ~/.ssh
 ls -l

-rw------- 1 vineetmanohar vineetmanohar 1675 2009-07-17 17:27 id_rsa
-rw-r--r-- 1 vineetmanohar vineetmanohar  411 2009-07-17 17:27 id_rsa.pub

id_rsa contains your private key. id_rsa.pub contains your public key.

Step 2 of 2 : On remote machine: authorize password less login

Login to remote machine

ssh hostname -l username

ssh hostname -l username

The authenticity of host 'vineetmanohar.com (XXX.XXX.XXX.XX)' can't be established.
RSA key fingerprint is 44.2b:93:ce:1b:1b:99:3a:6d:91:d1:50:aa:0d:87:40.
Are you sure you want to continue connecting (yes/no)?

Type yes and hit enter.

Warning: Permanently added 'vineetmanohar.com,XXX.XXX.XXX.XX' (RSA) to the list of known hosts.
username@vineetmanohar.com's password:

Enter your password, and hit enter.
Create a .ssh directory on the remote machine and create a .authorized_keys file in that directory. You need to copy the entire contents of your local machine’s ‘id_rsa.pub’ and paste it in the .authorized_keys file on the remote server.

mkdir .ssh

chmod 700 .ssh

cd .ssh

touch authorized_keys

chmod 600 authorized_keys

vi authorized_keys

# copy-paste the entire contents of your local machine's ~/.ssh/id_rsa.pub file in authorized_keys

# logout

exit

mkdir .ssh
chmod 700 .ssh
cd .ssh
touch authorized_keys
chmod 600 authorized_keys
vi authorized_keys
# copy-paste the entire contents of your local machine's ~/.ssh/id_rsa.pub file in authorized_keys
# logout
exit

You should now be able to login to the remote server without typing your password.

# type this command from your local machine

ssh hostname -l username

# type this command from your local machine
ssh hostname -l username

SSH should log you in without password! Now, you can also scp or rsync (over ssh) without having to enter your password.