Linux之间ssh免密码登录

摘要: Linux之间ssh免密码登录

一、生成公私钥对

$ ssh-keygen -t rsa -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
88:64:ed:a1:a7:a2:c0:b4:ee:77:38:2f:c7:39:c6:c1 root@QA-5-45
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|     .           |
|    o o          |
|   o + o         |
| .  + + S        |
|o .  E           |
|.o. = o          |
|o. * O           |
|oo. B..          |
+-----------------+
-P phrase   Provide old passphrase. 这个是指使用私钥的密码
-t type     Specify type of key to create. 这个是创建公私钥的类型

$ ll .ssh/
total 8
-rw-------. 1 root root 1675 Sep  6 04:12 id_rsa
-rw-r--r--. 1 root root  394 Sep  6 04:12 id_rsa.pub

二、复制公钥到免密码登录的机器

$ ssh-copy-id root@172.17.5.46
The authenticity of host '172.17.5.46 (172.17.5.46)' can't be established.
RSA key fingerprint is 8e:ac:89:5d:10:be:e7:d8:a2:34:0b:bf:70:cd:ce:33.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.5.46' (RSA) to the list of known hosts.
root@172.17.5.46's password:
Now try logging into the machine, with "ssh 'root@172.17.5.46'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

免登录机器上：

$ ll .ssh/
total 4
-rw-------. 1 root root 394 Sep  6 04:16 authorized_keys

三、测试

# ssh 172.17.5.46
Last login: Sun Sep  6 04:06:43 2015 from 172.17.5.45
[root@node2 ~]#

成功免密码登录。

四、结论

免密码登录不用再每次都输入密码，方便了许多；

rsync也可以使用ssh认证在linux服务器之间免密码传输文件；

最好别配置root用户的免密码登录