1. 生成密匙对,我用的是rsa的密钥。使用命令 "ssh-keygen -t rsa"
生成的过程中提示会提示输入一个不同于你的password的密码,直接回车,让它空着,这样以后ssh就不用输入密码了。
其中公共密钥保存在 ~/.ssh/id_rsa.pub
私有密钥保存在 ~/.ssh/id_rsa
2. 然后改一下 .ssh 目录的权限,使用命令 "chmod 755 ~/.ssh" (不需要这步)
3. 之后把这个密钥对中的公共密钥复制到你要访问的机器的相应账号的.ssh目录下,并保存为authorized_keys.
如 [huchao@localhost .ssh]$ scp id_rsa.pub cll@10.8.8.32:/home/cll/.ssh/authorized_keys
之这样就大功告成了。之后你再用ssh scp sftp 之类的访问那台机器时,就不用输入密码了,用在script上更是方便。
服务器双向认证都无需密码:
ssh-keygen -t rsa
一直回车(呵呵)
[root@jinqiang ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
2e:e3:c7:a9:56:93:93:2b:12:38:a2:c3:55:61:06:ab root@jinqiang
[root@jinqiang ~]#
[root@jinqiang .ssh]# scp id_rsa.pub root@10.8.8.5:/root/pub12
登录到10.8.8.8.5
cd /root
cat pub12 >> .ssh/authorized_keys
既实现了从jinqiang这台服务器上scp文件到10.8.8.5上,无需密码切安全