一、原理
使用公钥登录服务器,而非密码
二、使用命令
ssh-keygen:生成密钥对(一路回车),执行结果如下:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/test/.ssh/id_rsa):
Created directory '/home/test/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/test/.ssh/id_rsa.
Your public key has been saved in /home/test/.ssh/id_rsa.pub.
The key fingerprint is:
c4:d0:12:79:bb:4b:f3:b9:2a:6b:9f:a0:8c:b7:35:40 test@localhost
将会在默认目录(当前用户家目录的.ssh目录)生成密钥对(公钥:id_rsa.pub,私钥:id_rsa)
ssh-copy-id -i ~/.ssh/id_rsa test@192.168.1.2 :将公钥复制到远程服务器,写入授权列表文件
The authenticity of host '192.168.1.2 (192.168.1.2)' can't be established.
RSA key fingerprint is b3:01:50:26:e0:3f:33:dc:63:a2:7b:3e:46:03:46:bd.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.2' (RSA) to the list of known hosts.
test@192.168.1.2's password:
Now try logging into the machine, with "ssh '192.168.1.2'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
第一次需要输入密码,密码认证成功后,将会把本地服务器的id_rsa.pub内容添加到远程服务器的authorized_keys文件中。
三、应用
01:使用ssh命令登录到远程服务器执行指定的命令,远程服务器的端口为1234,如果为默认的22,则无需指定。
02:使用scp命令拷贝文件到远程服务器的指定目录,远程服务器的端口为1234,如果为默认的22,则无需指定。