CentOS6/7通过SSH免密码登陆

最新推荐文章于 2021-07-14 16:58:42 发布

我是路过打酱油的

最新推荐文章于 2021-07-14 16:58:42 发布

阅读量853

点赞数

分类专栏： Linux操作杂项

本文链接：https://blog.csdn.net/goodmylove/article/details/78182905

版权

Linux操作杂项专栏收录该内容

9 篇文章 1 订阅

订阅专栏

我们用四台服务器做测试，IP分别为

A:192.168.1.211

B:192.168.1.212

C:192.168.1.213

D:192.168.1.214

四台电脑上同时操作

ssh-keygen -t rsa

连续三次回车，系统会在/root/.ssh/下生成一个公钥和一个私钥

[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
89:1d:2d:8f:a9:a8:5a:db:d2:eb:77:d1:ba:fd:d5:02 root@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|         .       |
|        o .      |
|       o B       |
|      . S.. E    |
|     . .. .  . . |
|  ... .  o    o .|
| ..+. . o.   . . |
|..oo+o ......    |
+-----------------+
[root@localhost ~]#

将B、C、D三台电脑的公钥发送给A，并且重命名以免发生覆盖

[root@localhost ~]# scp /root/.ssh/id_rsa.pub 192.168.1.211:/root/.ssh/id_rsa.pub2
The authenticity of host '192.168.1.211 (192.168.1.211)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.211' (RSA) to the list of known hosts.
root@192.168.1.211's password: 
id_rsa.pub                                                                                                                            100%  408     0.4KB/s   00:00    
[root@localhost ~]#

[root@localhost ~]# scp /root/.ssh/id_rsa.pub 192.168.1.211:/root/.ssh/id_rsa.pub3
The authenticity of host '192.168.1.211 (192.168.1.211)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.211' (RSA) to the list of known hosts.
root@192.168.1.211's password: 
id_rsa.pub                                                                                                                            100%  408     0.4KB/s   00:00    
[root@localhost ~]#

[root@localhost ~]# scp /root/.ssh/id_rsa.pub 192.168.1.211:/root/.ssh/id_rsa.pub4
The authenticity of host '192.168.1.211 (192.168.1.211)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.211' (RSA) to the list of known hosts.
root@192.168.1.211's password: 
id_rsa.pub                                                                                                                            100%  408     0.4KB/s   00:00    
[root@localhost ~]#

发送完成之后我们查看A的/root/.ssh/目录

[root@localhost ~]# ll /root/.ssh/
total 20
-rw------- 1 root root 1675 Oct  9 15:18 id_rsa
-rw-r--r-- 1 root root  408 Oct  9 15:18 id_rsa.pub
-rw-r--r-- 1 root root  408 Oct  9 15:21 id_rsa.pub2
-rw-r--r-- 1 root root  408 Oct  9 15:22 id_rsa.pub3
-rw-r--r-- 1 root root  408 Oct  9 15:22 id_rsa.pub4
[root@localhost ~]#

可以看到除了自己本身的公钥和私钥还多了三个又B、C、D发送过来的公钥。接下来我们在A电脑上将四个公钥写入到authorized_keys文件

[root@localhost ~]# cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
[root@localhost ~]# cat /root/.ssh/id_rsa.pub2 >> /root/.ssh/authorized_keys
[root@localhost ~]# cat /root/.ssh/id_rsa.pub3 >> /root/.ssh/authorized_keys
[root@localhost ~]# cat /root/.ssh/id_rsa.pub4 >> /root/.ssh/authorized_keys
[root@localhost ~]#

写入完成查看一下authorized_keys文件里面是否有内容

[root@localhost ~]# cat /root/.ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6Y6cL086xfqj1VFnVeNeGxDtakT6yXbPphMUSgVdICKRfQEsZdbuqx3CpZ7AsxzGqtjqusfcE0wkZHTpB9+w2ewwyqzLEesGQke3MU+ppeKeRTVmuVaeZ/+p0ivKECX3C0eFPZmxXg/Tp35UzM09fGuHTVT6PQ+NNml3A7BIXLu9aZ6V0H9VGgbtjdvBGdmpx8COwhSaatZOMRY+zHXJtynpudFYclnqefwTTYB7EsIhkf8lEQZPqLfjyX2XPp3V5gGrvPda/VlkBQRCKaF5zqlg024e1Wf9bYPgSLh+R+XxWQzTlBrG9ayvMkdMHb2DOUNYnnspt9I4jxPazra3aQ== root@localhost.localdomain
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA3h2kkCOzvYcHnSy03DiW7phqQ4SxNnuV7qiKcXgMDi56pL23vrAiPDraeyn6zRgtwwSPS47ZbtQ7hgUEVZ8MNzcu4JIBW/QEPuGFA2rX9n19h9e1TCvVxlC2zRAgQs/8lUBTXO+63Ua/W1GeKOxOLUiLBPLmHOkhFkngVpzaFWrqj/YhgqQ+hemDUmrNkDCs3EBIBoF8QAH0z3mCr0pMVv8HEFFvwS4tSnwJDvh+86/tFUwzO/6uUa4hY/XvF/IhVUiB39zKFLdKxU5K03ZzTHMLxbzeUKLwY0uOLoP+9lzwj08EUjmYkyQgXaT3ZKM9m8RoBMGvcRnos0jl/By2OQ== root@localhost.localdomain
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvUnnRJ0W9HNY655XMk1nUnSqQHmNNurTUfOGehEJG/lWaqYgbtxzxw2WA4+76rvMJ/Reqi6c5kc/K3sE0Qz8MoCFbItG5ROFjSieS7TyBi/351bVcsIhcC4JmltJx73dt9eQSdVJlN4eVVqSqPs9TK6YpnydA3AGmcZCCpVLESuzj7geXzMO16m+un/4OfQFFlcIcT5m/6zP1C/XiljFwlTD6v/8UFDlm4a7yXOrm+1mF6GjEifOiPGPVILOv6PlCrM21Z0yeh/sTJ36308LjGwuk+4qFzY+X0o+hP7Q1jEJjnETOnCSIttUdMzBwclVonKBAPOxqY1g+UCy6Plfdw== root@localhost.localdomain
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvO4L3lAycE6sXb+60s5KDtzLAoY6XwxpBKM6rIz2aX/qYOZBVDfqZYIRI7V03xVudfcuaPab8tUEnReXYsn6o9OX5WmBxu94Uu6SaiQmD7PvVNdV8wScsyd4lB6rkxne436A53d7TYH3IugDmdnaI8fXEv60BUQMPcbpwyxaCwzRqISglj2iog8LfV3yGfJed/cGp8RvgcToDNYbK2Q+ZVgZHiiHQcGpxbHmTRtavGtA6nFBs6K+l7XzfwvN7f/yL++6z/DjDMwuoHHIGY2Uhn5YCbDTppU1aRjXTvp/eOWg3x1BYiI2gHqqpOaDVSYZsNgp79Pu1CnyGFQeu2luhQ== root@localhost.localdomain
[root@localhost ~]#

接下来我们将生成好的authorized_keys文件放入B、C、D每台电脑

[root@localhost ~]# scp /root/.ssh/authorized_keys 192.168.1.212:/root/.ssh/
The authenticity of host '192.168.1.212 (192.168.1.212)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.212' (RSA) to the list of known hosts.
root@192.168.1.212's password: 
authorized_keys                                                                                                                       100% 1632     1.6KB/s   00:00    
[root@localhost ~]# scp /root/.ssh/authorized_keys 192.168.1.213:/root/.ssh/
The authenticity of host '192.168.1.213 (192.168.1.213)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.213' (RSA) to the list of known hosts.
root@192.168.1.213's password: 
authorized_keys                                                                                                                       100% 1632     1.6KB/s   00:00    
[root@localhost ~]# scp /root/.ssh/authorized_keys 192.168.1.214:/root/.ssh/
The authenticity of host '192.168.1.214 (192.168.1.214)' can't be established.
RSA key fingerprint is 23:5b:94:96:05:03:23:58:78:bd:d3:d8:fa:39:43:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.214' (RSA) to the list of known hosts.
root@192.168.1.214's password: 
authorized_keys                                                                                                                       100% 1632     1.6KB/s   00:00    
[root@localhost ~]#

CentOS6到这里就操作完了，CentOS7的话还需要配置sshd_config文件和为文件和目录赋权限

sudo vim /etc/ssh/sshd_config

放开如下两行，去掉#即可

RSAAuthentication yes
PubkeyAuthentication yes

保存退出后，为.ssh目录authorized_keys赋权

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

好了，到这里我们就完成了四台电脑之间的SSH免密码访问。

[root@localhost ~]# ssh 192.168.1.211
Last login: Mon Oct  9 15:08:18 2017 from 192.168.1.40
[root@localhost ~]#

通过ssh登陆进去以后可以通过logout命令登陆

[root@localhost ~]# logout
Connection to 192.168.1.211 closed.
[root@localhost ~]#

好了，这个就到这里，有什么疑问欢迎大家留言。

我是路过打酱油的

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
CentOS6/7通过SSH免密码登陆

我们用四台服务器做测试，IP分别为A:192.168.1.211B:192.168.1.212C:192.168.1.213D:192.168.1.214四台电脑上同时操作ssh-keygen -t rsa连续三次回车，系统会在/root/.ssh/下生成一个公钥和一个私钥[root@localhost ~]# ssh-keygen -t rsaGenerating public/private...
复制链接

扫一扫

专栏目录