ssh-keygen生成秘钥对(使用自定义名字)
$ ssh-keygen -t rsa -f ~/.ssh/id_ras_my
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/xxx/.ssh/id_ras_my.
Your public key has been saved in /Users/xxx/.ssh/id_ras_my.pub.
The key fingerprint is:
SHA256:kZ8R2xLXlJHpsH9iXgvCgkFViQ102F+auRihxVvZykw test@test.local
The key's randomart image is:
+---[RSA 2048]----+
| o+@ooo== |
| . +.&.E=o |
| . o * X+* |
| . + *.O. |
| S + o.. |
| . . + o+ o|
| . .o.+.|
| .. |
| |
+----[SHA256]-----+
$
ssh-copy-id 复制公钥到服务器
ssh-copy-id 把密钥追加到远程主机的 .ssh/authorized_key
$ ssh-copy-id -i ~/.ssh/id_rsa_my.pub root@xx.xx.xx.xx
ligh@remote-host‘s password:
Now try logging into the machine, with ―ssh ?remote-host‘‖, and check in:
.ssh/authorized_keys to make sure we haven‘t added extra keys that you weren‘t expecting.
现在就可以用ssh连接远程服务器了
$ ssh root@xx.xx.xx.xx -i ~/.ssh/id_rsa_my
Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2
但是到这一步只是做到了免密,如果不用默认名id_rsa的话,那么每次连接都需要使用ssh-i 还是不够简练,所以还需要最后一步
配置~/.ssh/config内容
#自定义远程主机名( #注释需要单独一行)
Host myHost
#服务器IP
HostName XX.XX.XX.XX
#服务器用户名
User root
#端口
Port 22
#私钥地址
IdentityFile ~/.ssh/id_ras_my
配置完成就可以直接在终端使用 ssh myHost 连接主机了
包括其他如 rsync,scp,都可以不用密码,不用-i了
$ ssh myHost
Last login: Wed May 29 21:42:04 2019 from 36.102.10.130
[root@VM_0_14_centos ~]#