您的位置:首页 > 运维架构 > Linux

linux 下实现ssh免密钥登录

2017-11-07 08:59 267 查看
小伙伴经常在运维的时候需要ssh到很多其他的服务器,但是又要每次输入密码,一两台还没什么,多了就烦了。所以这里教大家如何直接ssh到其他机器而不用输入密码。
[root@jw ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): ——一路回车吧
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
54:77:79:fd:82:90:d7:c5:7f:5a:04:39:8f:e8:40:09 root@jw
The key's randomart image is:
+--[ RSA 2048]----+
| E..o..o*o|
| .=...= =|
| .. o o *o|
| . . o o *|
| S o +.|
| . . |
| |
| |
| |
+-----------------+
会在本机生成两个文件,一个id_rsa.pub公钥一个id_rsa私钥

[root@jw ~]# cd .ssh/
[root@jw .ssh]# pwd
/root/.ssh
[root@jw .ssh]# ll
total 8
-rw-------. 1 root root 1675 Nov 6 09:46 id_rsa
-rw-r--r--. 1 root root 389 Nov 6 09:46 id_rsa.pub
将公钥拷贝到你需要连接的主机上,如192.168.3.2
[root@jw .ssh]# ssh-copy-id -i id_rsa.pub root@192.168.3.2
The authenticity of host '192.168.3.2 (192.168.3.2)' can't be established.
RSA key fingerprint is e4:fa:45:0d:a1:e5:77:0d:be:41:2f:d9:f3:2f:56:f1.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.3.2' (RSA) to the list of known hosts.
root@192.168.3.2's password:
Now try logging into the machine, with "ssh 'root@192.168.3.2'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.
拷贝需要输入yes,并输入对方主机192.168.3.2的密码

查看192.168.3.2的/root/.ssh/目录下会生成authorized_keys文件,内容如下
[root@jw2 .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAt5Bum8vL+FezAzM9xUzSLnzTVGOwwmnu6dQcrIu5WCNqb1VgO1J2jj0jUDaK670tNIi5b2C+rr0kontqlVwblFZCrT/2gLBqj51t8UKu7YzaCxJBqdHbIxSgyE2/klxM4x3L/8j2FnGiBDzB6eZ9VLatnFjm2D1QtxStu2It+h1Rg2sqQqMxg3+rLkeG4b8nPBDxw6pczYQR9mKsmvH3wEDi4+17wonz9T+tqQO0dI9jI7jibwEpHWkpVzWM+lQpyU4VrEtq9uVEE6gsIKcWzdpfM5B3WVfA8ts2TM8zxu+NRvA0Dfxzh3iEkVUv7zAPs6tlZM16JoHcXros++goJQ== root@jw
[root@jw2 .ssh]# pwd
/root/.ssh
————————————————
如此直接在本机192.168.3.1 ssh对方ip,ssh 192.168.3.2 因为默认都是root,所以可以不用输入root@192.168.3.2
如果需要在192.168.3.2远程192.168.3.1;那就在3.2上如上步骤做一遍;
可以在192.168.3.1主机上查看/root/.ssh/目录下的文件
[root@jw .ssh]# ll
total 12
-rw-------. 1 root root 1675 Nov 6 09:46 id_rsa——私钥 解密
-rw-r--r--. 1 root root 389 Nov 6 09:46 id_rsa.pub——公钥 加密
-rw-r--r--. 1 root root 393 Nov 6 09:49 known_hosts——已知的主机列表
[root@jw .ssh]# cat known_hosts
192.168.3.2 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvMTT5iDe+VuIfIw76LspyYt7EcBTzj6aEa5dto+4G+la1sxnMiy2xIhynctX6T1JipXYsv2cPdPHfV2i/BD4ZLNV30+j6b5G+qEqHxaTxgoez6MyRCO0FT1pI5TpPHA9neMN/70Yrmp4RttHM04gz6X9CesZwfRaHpFoBcVm6+0YgEOakDSFbe7T/Se/M6dhuJwWXmJYSoSG/z1QkBn/QI/YgszjFQBiulDPXhHTd/WWJd64mFJLuAhr+QmA+QG4sdYlJYl26hFUUf/Tgzw9cdkNM57jyQ436crJ6s2duJZ3zYGvclwSVLdhQH7VigZFRoua+wTxeD8QgtaCOf2Osw==
by:rm_rf_db
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签:  ssh 免密钥
相关文章推荐
新的分享
章节导航