如果你(A机)想无密码ssh登录别的机器(B机),只需要完成3个步骤:
A机生成密钥对
把公钥传给B机
B机对A机的公钥授权
hosta和hostb都必须同步完成以下操作,以hosta为例
================================================================
1、创建密钥对,两台都做
[root@hosta /]# who am i
root pts/1 2008-04-30 12:08 (172.16.10.220)
[root@hosta /]# cd ~/.ssh
[root@hosta .ssh]# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa. -------私钥名一定要叫id_dsa
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
0a:13:25:19:a2:59:2c:b1:49:e6:62:90:57:07:e5:f7 root@hosta
passphrase(密钥保护) 保留为空,否则使用ssh时将要求输入passphrase(密钥保护)
2、发布公钥和获取公钥
[root@hosta .ssh]# scp id_dsa.pub hostb:/root/.ssh/hosta.key.pub
root@hostb's password:
id_dsa.pub 100% 600 0.6KB/s 00:00
[root@hosta .ssh]# scp hostb:/root/.ssh/id_dsa.pub /root/.ssh/hostb.key.pub
root@hostb's password:
id_dsa.pub 100% 600 0.6KB/s 00:00
3、对公钥授权两台都做
[root@hostb .ssh]# cat hosta.key.pub >>authorized_keys2 -----对A机公钥授权,A机用私钥来登录B机
[root@hostb .ssh]# cat id_dsa.pub >>authorized_keys2 -----可选项,本机登录本机,可不配置
如果是ssh v1版本,比如solaris 9,就使用authorized_keys文件
4、使用密钥对登录
[root@hosta .ssh]# ssh hostb
Last login: Sun Apr 27 00:04:49 2008 from 172.16.10.220
已经不用输入密码lol
[root@hostb ~]# exit
logout
Connection to hostb closed.
服务器间通过ssh使用密钥对实现无密码登录
最新推荐文章于 2019-06-14 10:18:12 发布