SSH is a common LINUX command used to remotely log in to other LINUX systems. If there is only one, it is only a password, also to ok. However, in a cluster, you must enter the password to log in to the system each time, which inevitably reduces efficiency.
In fact, SSH supports two login modes: common password login and key login. Today we’ll find out what the key login is all about.
To help understand, I drew the following picture
In fact, SSH services can also be divided according to the C-S architecture. Here, the current host is abstracted as client A, and the remote server is abstracted as server B
We first generate A pair of keys in the local A host, including A private key and A public key. A private key can be understood as a representation used to identify oneself, while a public key can be understood as a public pass,
Take a popular example, the private key can be understood as an ID card, and the public key can be understood as a card reader. If the card reader identifies the ID card successfully, it will pass.
Back to the topic, A generates A stack of keys and copies the public key to B’s authorization list. When A logs in to B again, he brings the private key with him and verifies the public key. If A exists in the authorization queue of B, the authentication succeeds.
The command is as follows:
ssh-keygen
Copy the code
This command generates A pair of keys in A, as shown below:
Just press enter all the way, and you’ll get a schematic
View the file structure in the directory where the key resides
ll .ssh
Copy the code
The diagram below:
The id_rsa file is the private key, and the. Pub file is the public key. You can use the SCP command to copy the file to the authorized directory of host B on the server, or use SSH to quickly deploy the file
As follows:
SSH - copy - id 119.45.207.226Copy the code
This deploys A’s public key on host B, after which you can use SSH to log in from A to B confidentially
If you specify a user, you need to use the user name and @ link before the server address, as shown below:
This will deploy the key to my remote server B. When I log in again, I just need to use SSH and add the address of the remote server to log in directly, as shown in the picture below:
You can see that we’ve logged in successfully
Look again at the file structure in B
At the end of the authorized_keys file is clearly marked yq@ubuntu, which is my client host A
SSH secret free login, that’s it!