SSH-免密码互相远程登录

环境

操作系统：win7

虚拟机： centos7

1、在本机中创建秘钥

1、执行命令：ssh-keygen -t rsa -C "xx@qq.com"(随便编个字符串，一般用邮箱）
2、之后一路回车就行啦；会在～（home）目录下中产生.ssh（隐藏）文件夹；
3、里面有两个文件id_rsa(私钥)、id_rsa.pub(公钥)文件

注意事项：
①在liunx环境下，要想复制公钥或是私钥，不要使用vim等编辑器打开文件来复制粘贴；
因为它会产生不必要的回车。
②应该使用cat把内容打印到终端上再来复制粘贴；

2、用 ssh-copy-id 把公钥复制到远程主机上

[yutao@localhost ~]$ ssh-copy-id yutao@192.168.161.132 #把秘钥拷贝到远程服务器

用这种方式拷贝使用的端口是Linux默认的22，如果你想指定端口，可以使用：

ssh-copy-id -i /用户名/.ssh/id_rsa.pub '-p 端口号 远程服务器用户名@106.75.52.44'

ssh-copy-id -i /root/.ssh/id_rsa.pub '-p 22222 root@106.75.52.44'

这里一定要注意

root@106.75.52.44

这个

root

是指远程服务器的用户名，也就是远程那台机子上存在的用户名。

这里可能需要等一段时间，反正我是等了挺久的时间，然后显示要你输入密码：

root@106.75.52.44's password:
输入完密码后，显示：
Now try logging into the machine, with "ssh '-p 22222 root@106.75.52.44'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

表示成功了！

注意：ssh-copy-id 可把公钥密钥追加到远程主机的 .ssh/authorized_key文件中

①出现bash: ssh-copy-idyutao@192.168.161.132: command not found。
说明没有没有安装ssh-copy-id命令；执行命令：
sudo yum -y install openssh-clients

②当看到这句话时说明拷贝到远程服务器成功:
Now try logging into the machine, with "ssh 'yutao@192.168.161.132'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

远程登入

[yutao@localhost ~]$ ssh yutao@192.168.161.134
Last login: Mon Oct 10 14:18:54 2016 from 192.168.161.135

实际上我们一般在公司里都会带上端口号；

ssh developer@123.59.44.56 -p 22222

注: SSH 不会询问密码了即可远程登录主机

退出远程服务器：
[yutao@localhost ~]$ exit
logout
Connection to 192.168.161.134 closed.

参考地址

http://m.blog.csdn.net/article/details?id=48846975

以上是两台服务器间的免密登陆，要是是想本机（win10）和虚拟机间的免密登陆

本机和虚拟机免密

①首先在本机的

.ssh

文件夹中打开git的窗口，也就是右键

git bash here

。

②执行远程拷贝命令，上面已经写过了

yutao@yutao MINGW64 ~/.ssh
$ ssh-copy-id -i id_rsa.pub '-p 22 yutao@192.168.116.131'

但是呢，出问题啦，提示如下：

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_rsa.pub"
Usage: /usr/bin/ssh-copy-id [-h|-?|-f|-n] [-i [identity_file]] [-p port] [[-o <ssh -o options>] ...] [user@]hostname
-f: force mode -- copy keys without trying to check if they are already installed
-n: dry run    -- no keys are actually copied
-h|-?: print this help

后来我换了一种写法：

$ ssh-copy-id yutao@192.168.116.131
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/c/Users/yutao/.ssh/id_rsa.pub"
The authenticity of host '192.168.116.131 (192.168.116.131)' can't be established.
ECDSA key fingerprint is SHA256:PGCzMVtO2SzEeNe8Qml/SAARcmOR4gG/Q0aeykMw7pg.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
yutao@192.168.116.131's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'yutao@192.168.116.131'"
and check to make sure that only the key(s) you wanted were added.

也就是不指定端口和公钥文件。就成功了，具体原因我也说不上来。

中途会要你输入远程服务器的密码，比如我

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
yutao@192.168.116.131's password: #这里输入远程服务器密码

验证

再去远程服务器中查看，我的路径是：

/home/yutao/.ssh/

输入命令

ll

-rw-------. 1 yutao yutao  393 4月  15 21:38 authorized_keys
-rw-------. 1 yutao yutao 1675 4月  15 21:30 id_rsa
-rw-r--r--. 1 yutao yutao  387 4月  15 21:30 id_rsa.pub

可以看到已经生成

authorized_keys

文件，再执行

cat authorized_keys

。

就可以看到具体的公钥了。