1.定义
NAME
ssh-copy-id - install your public key in a remote machine’s authorized_keys
SYNOPSIS
ssh-copy-id [-i [identity_file]] [user@]machine
DESCRIPTION
ssh-copy-id is a script that uses ssh to log into a remote machine (presumably using a login password, so password authentication should be enabled, unless you’ve done some clever
use of multiple identities) It also changes the permissions of the remote user’s home, ~/.ssh, and ~/.ssh/authorized_keys to remove group writability (which would otherwise prevent
you from logging in, if the remote sshd has StrictModes set in its configuration). If the -i option is given then the identity file (defaults to ~/.ssh/id_rsa.pub) is used, regard-
less of whether there are any keys in your ssh-agent. Otherwise, if this: ssh-add -L provides any output, it uses that in preference to the identity file. If the -i option is
used, or the ssh-add produced no output, then it uses the contents of the identity file. Once it has one or more fingerprints (by whatever means) it uses ssh to append them to
~/.ssh/authorized_keys on the remote machine (creating the file, and directory, if necessary)
2.举个栗子
[root@oracle ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
25:f8:3c:45:12:da:1c:f1:5d:a2:6a:15:85:b3:45:cb root@oracle
The key's randomart image is:
+--[ RSA 2048]----+
| =oo++ . |
| = =o=.+ |
| o + *+E |
| o *. |
| S |
| . . |
| |
| |
| |
+-----------------+
[root@oracle ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.8.221
The authenticity of host '192.168.8.221 (192.168.8.221)' can't be established.
RSA key fingerprint is 83:0a:18:0e:24:5c:60:6c:e7:25:92:0f:39:9c:04:63.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.8.221' (RSA) to the list of known hosts.
root@192.168.8.221's password:
Now try logging into the machine, with "ssh 'root@192.168.8.221'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@oracle ~]# ssh 'root@192.168.8.221'
Last login: Fri Mar 3 08:47:01 2017 from 192.168.8.207
[root@oracle12c ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 08:00:27:44:E8:19
inet addr:192.168.8.221 Bcast:192.168.8.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe44:e819/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9473 errors:0 dropped:0 overruns:0 frame:0
TX packets:672 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:714647 (697.8 KiB) TX bytes:86101 (84.0 KiB)
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/29812844/viewspace-2134651/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/29812844/viewspace-2134651/