Set up passwordless SSH between servers manually
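Pitfall
Starting with Linux 7, SELinux enforcement is stricter by default. In particular, the context of the .ssh files must be ssh_home_t; otherwise passwordless SSH will still fail even when all other permissions are correct.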
1. Configure the SSH daemon - /etc/ssh/sshd_config
# - ensure the correct values for the following parameters
PasswordAuthentication yes
ChallengeResponseAuthentication yes
UsePAM yes
# - Then restart the sshd
systemctl restart sshd
2. Generate a 4096-bit SSH key
# - The default key size is 2048 bits
ssh-keygen -t rsa -b 4096
3. Add the public key to authorized_keys on the remote server
# Method 1 sample
ssh-copy-id remote_username@remote_IP_Address
# Method 2 sample
cat ~/.ssh/id_rsa.pub | ssh remote_username@remote_ip_address "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
# Method 3 sample
mkdir -p ~/.ssh
touch ~/.ssh/authorized_keys
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 600 ~/.ssh/*
# - Especially for linux 7 or higher
restorecon -FRvv ~/.ssh
restorecon -FRvv ~/.ssh/*
4. Repeat the same on the other server, and ensure the permissions and SELinux context of .ssh and authorized_keys are the same on both
5. Verify that the connection works without a password prompt
ssh remote_server_name date
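
An added example (not part of the original notes): a small audit of what steps 3 and 4 set, for when step 5 still prompts for a password. The function names are made up for this example; it assumes GNU stat and only checks the SELinux type where getenforce is present and not reporting Disabled.

```shell
# Added example; function names are hypothetical. Assumes GNU stat (Linux).

# Print the type field (third colon-separated field) of an SELinux context,
# e.g. "unconfined_u:object_r:ssh_home_t:s0" -> "ssh_home_t".
selinux_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# Succeed only if the octal mode of path $1 is exactly $2.
mode_ok() {
    [ "$(stat -c '%a' "$1" 2>/dev/null)" = "$2" ]
}

# Audit one .ssh directory; print each finding, return the number of findings.
audit_ssh_dir() {
    a_dir=$1
    a_bad=0
    if ! mode_ok "$a_dir" 700; then
        echo "FAIL: $a_dir should be mode 700"; a_bad=$((a_bad + 1))
    fi
    if [ ! -f "$a_dir/authorized_keys" ]; then
        echo "FAIL: $a_dir/authorized_keys is missing"; a_bad=$((a_bad + 1))
    elif ! mode_ok "$a_dir/authorized_keys" 600; then
        echo "FAIL: $a_dir/authorized_keys should be mode 600"; a_bad=$((a_bad + 1))
    fi
    # Context check only where SELinux is present and not disabled.
    if command -v getenforce >/dev/null 2>&1 && [ "$(getenforce)" != "Disabled" ]; then
        for a_path in "$a_dir" "$a_dir/authorized_keys"; do
            [ -e "$a_path" ] || continue
            a_ctx=$(stat -c '%C' "$a_path" 2>/dev/null) || a_ctx=""
            if [ "$(selinux_type "$a_ctx")" != "ssh_home_t" ]; then
                echo "FAIL: $a_path has context '$a_ctx', want type ssh_home_t"
                a_bad=$((a_bad + 1))
            fi
        done
    fi
    return "$a_bad"
}
```

Source the file on each server and run `audit_ssh_dir ~/.ssh`; a zero exit status means the modes (and, on SELinux hosts, the context type) match what the steps above set.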