参考文章:
http://www.latrell.me/post-323.html
http://blog.csdn.net/wh_19910525/article/details/7433164
今天,看php-fpm,正好看到别人博客的另一篇文章:
不用密码就可ssh登陆!瞬间想到自己每次ssh和scp时,连接服务器时的苦逼场景,果断看了看。
操作步骤很简单:
1.输入 ssh-keygen -t rsa
➜ .ssh ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/Users/devil/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/devil/.ssh/id_rsa. Your public key has been saved in /Users/devil/.ssh/id_rsa.pub. The key fingerprint is: SHA256:cBM85BXm3xnPFhFCmgFYhygVLZxGHGYgCKYo5ko0FPc devil@devildeMacBook-Pro.local The key's randomart image is: +---[RSA 2048]----+ |o+oo .*X@o*+.o o.| |=.. o.oXoB. + . .| |++ E+ =..o .. | |= . o . . . =.| | o S . o +| |o . | |. | | | | | +----[SHA256]-----+
中间可能有3步提示,直接默认即可
2.会在 ~/.ssh/生成2个文件:
id_rsa - 私钥
id_rsa.pub - 公钥
3.将生成的公钥文件,复制到远程服务器上
scp ~/.ssh/id_rsa.pub root@ip:
4.得将公钥内容保存到远程服务器的用户家目录/.ssh/authorized_keys文件,该文件不存在,我们可先建立。
cd
mkdir .ssh
cat ./id_rsa.pub >> .ssh/authorized_keys
5.权限设置:
.ssh 最大是 755 权限!
authorized_keys 最大也是 755 权限!
2者都得保证所有者是当前用户!
对于.ssh 和 authorized_keys 的权限设置,只要所属组和其他人,不具有写权限即可。但为了安全,尽量最小
至此,就完成了,退出登陆,在次ssh就不需要密码了!
对于本地机器,要连接多台远程服务器,ssh-keygen只会生成一组私钥和公钥。所以,我们也就知道了,私钥存在本地,公钥按同样的步骤,设置远程主机即可!