1、设置公钥
ssh-keygen -t dsa -P ‘’ -f ~/.ssh/id_dsa #这种格式不用交互;man ssh-keygen ;两种加密(dsa 和rsa)
2、把公钥远程拷到目标机
ssh-copy-id -i .ssh/id_dsa.pub -p22 root@192.168.0.3
3、查看生产文件
[root@NFS_Server ~]# ls -l .ssh/
total 8
-rw------- 1 root root 668 Nov 5 17:44 id_dsa 私钥
-rw-r--r-- 1 root root 605 Nov 5 17:44 id_dsa.pub 公钥
4、拷贝公钥到服务端
[root@NFS_Server ~]# ssh-copy-id -i .ssh/id_dsa.pub root@192.168.1.102
The authenticity of host '192.168.1.102 (192.168.1.102)' can't be established.
RSA key fingerprint is e2:35:4f:76:e6:26:1f:68:de:d4:a0:a9:27:dd:9f:3b.
Are you sure you want to continue connecting (yes/no)? yes 输入“yes”
Warning: Permanently added '192.168.1.102' (RSA) to the list of known hosts.
root@192.168.1.102's password: 输入密码
Now try logging into the machine, with "ssh 'root@192.168.1.102'", and check in:
.ssh/authorized_keys 远程拷贝到服务端名字自动改成"authorized_keys"
to make sure we haven't added extra keys that you weren't expecting.
[root@NFS_Server ~]#
ssh-copy-id -i .ssh/id_dsa.pub "-P22113 body@192.168.1.107" ##非默认端口
远程连接后会生成“known_hosts”记录远程连接过的主机;若第一连接需要输入yes及远端主机密码
[root@NFS_Server ~]# ls .ssh/ -l
total 12
-rw------- 1 root root 668 Nov 5 17:47 id_dsa
-rw-r--r-- 1 root root 605 Nov 5 17:47 id_dsa.pub
-rw-r--r-- 1 root root 790 Nov 5 17:49 known_hosts
[root@NFS_Server ~]#
5、可以手动拷贝公钥要把“id_dsa.pub ”在服务端重命名成“authorized_keys”并修改权限
[root@LNP_01 ~]# chmod 600 .ssh/authorized_keys
[root@LNP_01 ~]# ll .ssh/
total 4
-rw------- 1 root root 605 Oct 30 22:12 authorized_keys
[root@LNP_01 ~]#
6、远程执行命令1
[root@NFS_Server ~]# ssh -p22 root@192.168.1.102 "ls -l .ssh/"
指定端口默认可以不写 多个内容用双引号包含
total 4
-rw------- 1 root root 605 Oct 30 22:12 authorized_keys
远程执行命令2
[root@NFS_Server ~]#ssh root@192.168.1.102 ifconfig
扫一扫
2632
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
