1、安装ssh
直接 sudo apt-get install openssh-server
2、查看ssh运行状态
ps -e | grep ssh
如果发现 sshd 和 ssh-agent 即表明 ssh服务基本运行正常
3、生成公钥和私钥
ssh-keygen -t rsa -P ""
4、将公钥追加到文件
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
5、测试ssh localhost
如果发现不用输入密码就可以登录那么 ssh无密码机制就算建立成功了。
ssh localhost 还要输入密码
失败原因:.ssh及其下属子文件的权限问题:
.ssh文件夹权限700
.ssh文件夹下的文件下,
两个Key文件为600
其余文件权限是644
特别注意authorized_keys文件的权限
不能让所有者之外的用户对authorized_keys文件有写权限,否则,sshd将不允许使用该文件,因为它可能会被其他用户篡改。
如果authorized_keys文件、 HOME/.ssh目录或 HOME目录让本用户之外的用户有写权限,那么sshd都会拒绝使用 ~/.ssh/authorized_keys 文件中的key来进行认证的。
“man sshd”命令查看对authorized_keys文件的描述如下:
man sshd
.....
~/.ssh/authorized_keys
Lists the public keys (DSA/ECDSA/RSA) that can be used for logging in as this user. The format of
this file is described above. The content of the file is not highly sensitive, but the recommended
permissions are read/write for the user, and not accessible by others.
If this file, the ~/.ssh directory, or the user's home directory are writable by other users, then the
file could be modified or replaced by unauthorized users. In this case, sshd will not allow it to be
used unless the StrictModes option has been set to “no”.
........