这里以node01、node02两台机举离说明,node01、node02为主机名(前提已安装好ssh服务)
1、在node01生成公钥,输入以下:ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa ,按回
[root@node01 .ssh]# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
72:ea:01:e5:d6:93:eb:f7:b3:77:78:a0:f6:4c:62:03 root@node03
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| . |
| o . . |
| . + S E |
| o + o . . |
| o . +..o |
| . o ..+=o o|
| . .. oo=oo |
+-----------------+
进入cd /.ssh下,ls 看到 生成了authorized_keys、id_rsa、id_rsa.pub三个文件
[root@node01 .ssh]# ls
authorized_keys id_rsa id_rsa.pub known_hosts
2、把node01公钥copy到node02上,输入:ssh-copy-id node02,按回车
[root@node01 .ssh]# ssh-copy-id node02
The authenticity of host 'node01 (192.168.1.71)' can't be established.
RSA key fingerprint is 2c:ba:d0:09:35:a1:dc:b2:7c:67:c4:72:c1:77:c0:80.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node03,192.168.1.71' (RSA) to the list of known hosts.
root@node02's password:
Now try logging into the machine, with "ssh 'node01'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
首次操作输入密码,输入密码后即把id_rsa.pub写入到node02的对应路径下authorized_keys中
3、免密码登录测试,在node01上输入命令 ssh node02
[root@node01 .ssh]# ssh node02
Last login: Sat Sep 16 03:31:06 2017 from node01
[root@node02 ~]#
可以看到直接进入到node02了,node02想免密码登录node01同理,重复以上操作即可。
注意(配置集群时本机也要进行ssh-copy-id node01操作,把id_rsa.pub复制到本机的authorized_keys中)