linux之间使用秘钥登录

一、源服务器生成秘钥

生成秘钥对，默认路径为/root/.ssh

# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'

设置私钥密码，不设置，回车即可

Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:TJhv6rKeUoBo+OY24OioWk8WR1i59SAgqbA9SwbiuIM root@zhfi-dev-ops-tpl
The key's randomart image is:
+---[RSA 2048]----+
|  ......         |
|+ .. oooo        |
|B*  . ++.o       |
|Bo*  ..+  .      |
|o= +. . S        |
|E + .o o         |
|o=..o .          |
|oo=+.o           |
|Bo +=o.          |
+----[SHA256]-----+

/root/.ssh路径生成文件：

二、目标服务器配置

打开id_rsa.pub，选中内容复制

# ​​​​cat id_rsa.pub 

目标服务器，如果authorized_keys文件已经有内容，需要另起一行

# vi /root/.ssh/authorized_keys
# chmod 600 /root/.ssh/authorized_keys

三、登录

在源服务器登录目标服务器

# ssh 目标id

四、如果有目标机器的密码可以使用下面方式配置免密登录

执行命令，验证密码后，再目标服务器会自动生成或修改authorized_keys文件，然后就可以直接登录了

# ssh-copy-id root@目标ip
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 目标ip' can't be established.
ECDSA key fingerprint is SHA256:VhbNShOhAP3FMwDjz1aUgRwSfdtQQue6UFOmB3ezOOo.
ECDSA key fingerprint is MD5:1e:ae:76:fe:c0:49:d5:aa:88:69:4a:d9:43:dc:2e:43.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@目标ip's password: 

Number of key(s) added: 1