一、源服务器生成秘钥
生成秘钥对,默认路径为/root/.ssh
# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'
设置私钥密码,不设置,回车即可
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:TJhv6rKeUoBo+OY24OioWk8WR1i59SAgqbA9SwbiuIM root@zhfi-dev-ops-tpl
The key's randomart image is:
+---[RSA 2048]----+
| ...... |
|+ .. oooo |
|B* . ++.o |
|Bo* ..+ . |
|o= +. . S |
|E + .o o |
|o=..o . |
|oo=+.o |
|Bo +=o. |
+----[SHA256]-----+
/root/.ssh路径生成文件:
二、目标服务器配置
打开id_rsa.pub,选中内容复制
# cat id_rsa.pub
目标服务器,如果authorized_keys文件已经有内容,需要另起一行
# vi /root/.ssh/authorized_keys
# chmod 600 /root/.ssh/authorized_keys
三、登录
在源服务器登录目标服务器
# ssh 目标id
四、如果有目标机器的密码可以使用下面方式配置免密登录
执行命令,验证密码后,再目标服务器会自动生成或修改authorized_keys文件,然后就可以直接登录了
# ssh-copy-id root@目标ip
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 目标ip' can't be established.
ECDSA key fingerprint is SHA256:VhbNShOhAP3FMwDjz1aUgRwSfdtQQue6UFOmB3ezOOo.
ECDSA key fingerprint is MD5:1e:ae:76:fe:c0:49:d5:aa:88:69:4a:d9:43:dc:2e:43.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@目标ip's password:
Number of key(s) added: 1