centos 7.6 设置 SSH 通过密钥登录

ssh 控制服务器:192.168.48.102
ssh 被控制服务器:192.168.48.103

产生sshd 私钥和公钥:

[root@localhost ~]# ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase): --输入密码(可以为空)
Enter same passphrase again: --再次输入密码
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:wxBPRyYTDpQQYvp2u86bL3Fza3cCs5V2TAYeFDM1qa4 root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
| o o++.=+Ooo. |
| o . . =oo.. |
|. . o. + |
| . o o o |
| o . S. = |
| . ...o +.= o |
| .o o O . |
| ..o E o . |
| .
+.. . o |
+----[SHA256]-----+

查看密钥文件:
[root@localhost ~]# cd /root/.ssh/
[root@localhost .ssh]# ls
id_rsa id_rsa.pub known_hosts

将公钥文件传输到需要远控的机器上:
[root@localhost .ssh]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.48.103
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.48.103's password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh 'root@192.168.48.103'"
and check to make sure that only the key(s) you wanted were added.

在远控的机器上要修改sshd配置文件:
[root@localhost .ssh]# vi /etc/ssh/sshd_config
PubkeyAuthentication yes --打开这行的注释

重启服务:
[root@localhost .ssh]# systemctl restart sshd.service

在控制服务器ssh被控制服务器:
[root@localhost .ssh]# ssh -i /root/.ssh/id_rsa root@192.168.48.103
Last login: Mon Jun 24 23:37:11 2019 from 192.168.48.101
[root@localhost ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.48.103 netmask 255.255.255.0 broadcast 192.168.48.255
inet6 fe80::6a9b:be28:c9bb:64fd prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:e6:e9:b0 txqueuelen 1000 (Ethernet)
RX packets 16635 bytes 16327536 (15.5 MiB)
RX errors 0 dropped 141 overruns 0 frame 0
TX packets 9187 bytes 5350257 (5.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 188 bytes 16920 (16.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 188 bytes 16920 (16.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值