(转自:https://linuxconfig.org/passwordless-ssh)
Public key authentication allows you to login to a remote host via the SSH protocol without a password and is more secure than password-based authentication. Try creating a passwordless connection from linuxconfig.local to linuxconfig.org using public-key authentication.
Create key
Press ENTER at every prompt.
linuxconfig.local$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
b2:ad:a0:80:85:ad:6c:16:bd:1c:e7:63:4f:a0:00:15 user@host
The key's randomart image is:
+--[ RSA 2048]----+
| E. |
| . |
|. |
|.o. |
|.ooo o. S |
|oo+ * .+ |
|++ +.+... |
|o. ...+. |
| . .. |
+-----------------+
linuxconfig.local$
For added security '''the key itself''' would be protected using a strong ''passphrase''. If a passphrase is used to protect the key, ssh-agent can be used to cache the passphrase.
Copy key to remote host
linuxconfig.local$ ssh-copy-id root@linuxconfig.org
root@linuxconfig.org's password:
Now try logging into the machine, with "ssh 'root@linuxconfig.org'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
linuxconfig.local$
Login to remote host
Note that no password is required.
linuxconfig.local$ ssh root@linuxconfig.org
Last login: Tue Apr 3 12:47:53 2007 from 192.168.0.39
linuxconfig.org#