A机器(192.168.16.240)SSH直接登录 B机器(192.168.95.200)
首先在A机器root根目录下运行ssh-keygen -t rsa命令生成密钥
[root@bogon ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
24:e6:fb:19:c7:95:3d:a8:9d:a0:42:26:8b:51:41:63 root@bogon
然后上传B机器上
[root@bogon ~]# scp /root/.ssh/id_rsa.pub root@192.168.95.200:/root
The authenticity of host '192.168.95.200 (192.168.95.200)' can't be established.
RSA key fingerprint is c7:31:e5:85:8c:9c:71:0d:2b:6a:da:f4:6f:31:bd:f5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.95.200' (RSA) to the list of known hosts.
Address 192.168.95.200 maps to bogon, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
root@192.168.95.200's password:
id_rsa.pub 100% 392 0.4KB/s 00:00
然后在A机器上SSH登录B机器
[root@bogon ~]# ssh -lroot 192.168.95.200
Address 192.168.95.200 maps to bogon, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
root@192.168.95.200's password:
Last login: Tue Jun 23 15:13:56 2009
此次登录还需要密码,登录进去后把秘钥加入B机器的authorized_keys
[root@bogon ~]# cat /root/id_rsa.pub >> /root/.ssh/authorized_keys
注:如果B机器没有这个文件(/root/.ssh/authorized_keys)的话,需要在B机器root根目录下运行ssh-keygen -t rsa即可生成
操作之后输入exit命令退出,然后再SSH登录B机器就不需要密码了
[root@bogon ~]# exit
logout
Connection to 192.168.95.200 closed.
[root@bogon ~]# ssh -lroot 192.168.95.200
Address 192.168.95.200 maps to bogon, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Last login: Tue Jun 23 15:35:17 2009 from 192.168.16.240
反过来B机器SSH登录A机器的话操作互换即可。
Windows SSH登录linux机器
C机器(windows XP)SSH登录D机器(CentOS5.3)
首先使用Secure Shell Client登录D机器,然后点击Secure Shell Client菜单中的Edit—〉Setting找GlobalàUser AuthenticationàKeys,然后点击Generate New创建密钥,创建过程中我使用的是1024的DSA算法加密,创建之后让你填写几个信息(填写第一个就下一步好了,不填写不让下一步,都填写了,下次登录需要输入填写的信息),然后点击完成,最后在C:\Documents and Settings\计算机用户名\Application Data\SSH\UserKeys文件夹下有key.pub,把这个文件上传到D机器的/root目录下,然后回到已经登录的Secure Shell Client客户端执行以下命令:
ssh-keygen -X -f key.pub >>/root/.ssh/authorized_keys #authorized_keys
然后断开连接再次连接就不需要密码了
Key.pub可以上传到任何需要SSH登录不输入密码的linux机器上,只需在目标机执行ssh-keygen -X -f key.pub >>/root/.ssh/authorized_keys #authorized_keys命令即可