这里假设主机A用来连接到主机B
1. 在主机A上执行如下命令来生成配对密钥:
ssh-keygen -t rsa
显示信息如下:
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory ‘/root/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
45:13:ec:31:f9:3d:25:54:7b:5f:03:40:ba:e9:76:cd root@bindiry-ubuntu
按三次回车。
这个命令生成一个密钥对:id_rsa(私钥文件)和id_rsa.pub(公钥文件)。默认被保存在~/.ssh/目录下。
2.为 ~/.ssh 目录设置权限:
chmod -R 755 .ssh (chmod 755 ~/.ssh)
注意id_rsa文件的权限必须是600
将 .ssh 目录中的 id_rsa.pub 文件复制到 主机B 的 ~/.ssh/ 目录中,并改名为 authorized_keys
【或者在主机B的~/.ssh/ 目录中创建文件authorized_keys(如果已经存在直接编辑) ,并将主机A的~/.ssh/id_rsa.pub的内容(只有一行)添加到authorized_keys 】
至此信任关系建立完毕,主机A不用输密码即可用ssh,scp来连接主机B