一、密钥连接登录
详细介绍可参考:十章———远程访问及控制(应用——linux高级管理)
密钥连接登录步骤
[root@C7--01 ~]# ssh-keygen -t ecdsa #生成root密钥
Generating public/private ecdsa key pair.
Enter file in which to save the key (/root/.ssh/id_ecdsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_ecdsa.
Your public key has been saved in /root/.ssh/id_ecdsa.pub.
The key fingerprint is:
SHA256:Rx4X1bEG7hyP5AZKCAG7rf/EmtTaAv/3GnrNXCdzljY root@C7--01
The key's randomart image is:
+---[ECDSA 256]---+
| ..o. .o.o.|
| . . . ... o|
| . . .o..+ o |
| o .o.o* = |
| . . S.o * ..|
| .. o . .+ E |
| .o. + .+ . B .|
| oo* .o.+ |
| =+=o.o. |
+----[SHA256]-----+
[root@C7--01 .ssh]# scp /root/.ssh/id_ecdsa.pub root@192.168.1.2:/root #上传到1.2机器上id_ecdsa.pub 文件
The authenticity of host '192.168.1.2 (192.168.1.2)' can't be established.
ECDSA key fingerprint is SHA256:iKbLEhg8UfqGICLymBBNoZqynedjXefz3LSjpQlcREg.
ECDSA key fingerprint is MD5:c9:5e:dc:c2:eb:b9:19:88:2e:6d:56:e9:ca:cf:33:4d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.2' (ECDSA) to the list of known hosts.
root@192.168.1.2's password:
id_ecdsa.pub 100% 173 97.9KB/s 00:00
#在1.2机器上查看
[root@C7--02 ~]# ls
anaconda-ks.cfg id_ecdsa.pub yum.sh
[root@C7--02 ~]# mkdir -p /root/.ssh
[root@C7--02 ~]# cat id_ecdsa.pub >> /root/.ssh/authorized_keys
[root@C7--01 .ssh]# ssh 192.168.1.2 #验证可以没有密码连接
Last login: Tue Nov 2 03:27:45 2021 from 192.168.1.1
[root@C7--02 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft foreve