现在有三台机器组成一个linux集群:
192.168.72.127
192.168.72.128
192.168.72.129
要实现相互之间通过ssh密码登录,方便执行自动化脚本
第一步:通过ssh生成rsa公私密钥,分别在三台机器上执行如下指令,使用默认配置,一路回车,结果如下所示
ssh-keygen -t rsa
[root@rabbit-node2 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
f4:3e:47:9b:e5:20:1a:6d:b8:23:f7:96:0e:a6:de:79 root@rabbit-node2
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| . |
| . + |
| S = o . |
| * o * |
| . B o.+ . |
| * =Eo |
| .o o+o |
+-----------------+
在~/.ssh/下有私钥文件:id_rsa 和 公钥文件:id_rsa.pub。
第二步,使用ssh-copy-id命令将id_rsa.pub拷贝到目标机器的~/.ssh/authorized_keys中
例如要在192.168.72.127机器上使用ssh登录192.168.72.128,就要在192.168.72.128这台机器上执行
ssh-copy-id 192.168.72.127,再输入192.168.72.127的登录密码
[root@rabbit-node2 ~]# ssh-copy-id 192.168.72.127
The authenticity of host 'rabbit-node1 (192.168.72.127)' can't be established.
RSA key fingerprint is e5:c7:46:62:e0:ef:4e:42:5f:81:cf:3e:6e:cd:c3:bd.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'rabbit-node1' (RSA) to the list of known hosts.
root@rabbit-node1's password:
Now try logging into the machine, with "ssh 'rabbit-node1'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
依次类推,在192.168.72.127机器上执行ssh-copy-id 192.168.72.128......三台机之间交叉执行,最后~/.ssh/authorized_keys文件中都类似这样:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzAusRCva6YsKuG++Cj0dg2SY5fR2T1fQB4hLIDYFiPm2rN9etNN7dtGE5Sz9kNEVNYgbqKNsWklMAUKlbvUNoTCecFXaZJ/OttTgMVYdq6EfIxZaxnODzBdAb2bckKg4edSEanH8XkVpjgAk2XAO/WflLyID3lXLR+cQ6PTE4Zj0LxoWyYGzlsYNh0gsu4Jbsf5cE1axEtMN9kehhNibqnbS6jcQrc3KmKt35e3xhHdsx78j0BS7dBuBuWrCh4rgoUQAUxnJbTBQPfK+hhIcmPLh10I537YgaPNgw1noaQZySFGYpCnMo+Ol6eIky1E67GFx9jW1oDeUvCUYZRcZnw== root@rabbit-node3
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0mh31gaifPr3RZevKthjYgR5nLXniHUPD7NPg8ffqEfbuYpP60AVRd8QNq6K+CuSNxlE0anITY45RnJmZdF1SNSTqd4vFZEDZUB53hNzimvjHWvFkO7Cop44fGkzRJHB/HTT0YuhWCDN4XYmgFA5DFCJQxjeqWAzAGrGlh+blQbarOvTuJb8CUl7Inn9Vxa6oo0pt1n5JhWqVkrV2Tp38UoHGdMgOQQVmTW+SowaG+nAfAV6btPocNhgqV3nXLEJO1KEYjGEU7MBO+44qUvdgyGMqvIUtezr1nChQ5odKlyTIhCPguUEXAiz1S6xpa8WdZb8W2/x8kjCT+52CzPSlw== root@rabbit-node2
ssh 登录验证:
[root@rabbit-node1 ~]# ssh root@192.168.72.129
Last login: Sat Mar 28 03:16:59 2020 from rabbit-node1
至此,三台机器之间已实现ssh免密登录