前言
ssh免密登录的应用十分广泛,我们今天要做的是在主机A(hostA)的用户a(usera)上免密登录到主机B(hostB)的用户B(userb)上,所谓免密登录就是在主机A的用户a上生成一个密码为空的密钥对,然后把公钥传给主机B上的用户b。
参考博客
https://blog.csdn.net/universe_hao/article/details/52296811
操作步骤
1.分别更改用户a和用户b上的hosts文件,新开一个终端
sudo vim /etc/hosts
在主机A的用户a上添加hostB的IP地址:
hostB的IP地址可以在hostB上运行ifconfig来查看
127.0.0.1 localhost
127.0.1.1 hostA
192.168.0.41 hostB
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
改完之后保存并退出。
在主机B上也是同样操作
2.在主机A的用户a上新开一个终端,输入
ssh-keygen -t rsa
按下多次回车键直到看到下图所示
usera@hostA:~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/usera/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/usera/.ssh/id_rsa.
Your public key has been saved in /home/usera/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:5cgR+Cwn6TYewu6/LETj/T7496ti/8ccPl27tphTNOs usera@hostA
The key's randomart image is:
+---[RSA 2048]----+
| .. |
| . . |
| +. . |
| o +.+= o |
| + + +S . . o|
| = * .o.|
| o + = +ooo|
| o.o = . .OE.|
| ..o+=o=o++=o+o|
+----[SHA256]-----+
2.将公钥传给hostB
在主机A上新开一个终端
ssh-copy-id userb@hostB
你会看到
usera@hostA:~$ ssh-copy-id userb@hostB
The authenticity of host 'sikong (192.168.0.41)' can't be established.
ECDSA key fingerprint is SHA256:/YWEksOlzTmh/KTQpiAHFbOuww6ekHv31b34Qj1a2rc.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
userb@hostB's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'userb@hostB'"
and check to make sure that only the key(s) you wanted were added.
这样就可以免密登录主机B的用户b了。
ssh userb@hostB
扫一扫
196
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
