方法一
192.168.0.140主机上执行
[root@localhost ~]# ssh-keygen -t rsa
或
[root@localhost ~]# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
# 所有默认回车会在/root/.ssh/目录下生成两个文件:id_rsa(私钥,产生私钥的机子,即主动访问的机子拥有)、id_rsa.pub(公钥,发给被访问机子)。
[root@localhost ~]# cd .ssh/
[root@localhost .ssh]# ls
id_rsa id_rsa.pub
# 本机SSH无密码验证
root@localhost:~/.ssh# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
此时ssh访问本机,就需要输入密码了,如下所示:
[root@localhost .ssh]# ssh 192.168.0.140
Address 192.168.0.140 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Last login: Wed Nov 19 23:12:21 2014 from 192.168.0.140
[root@localhost ~]# exit
logout
Connection to 192.168.0.140 closed.
将authorized_keys文件拷贝到192.168.0.141机器上
root@localhost:~/.ssh# scp /root/.ssh/id_rsa.pub root@192.168.0.141:/root/.ssh/
在192.168.0.141机器上执行以下命令
# 准确地说,应该将id_rsa.pub拷贝到被访问机器上,并将公钥追加到授信文件authorized_keys里。
cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
此时从192.168.0.140机器上SSH连接到192.168.0.141机器上就不需要密码了
[root@localhost .ssh]# ssh 192.168.0.141
Address 192.168.0.141 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Last login: Wed Nov 19 23:22:23 2014 from 192.168.0.11
[root@localhost ~]# exit
logout
Connection to 192.168.0.141 closed.
方法二
一种很简单的方法
192.168.0.140主机上执行
ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
ssh-copy-id root@192.168.0.141
2208
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
