Linux实现SSH免密登录

环境准备：

• 192.168.58.148 客户端
• 192.168.58.150 服务端

功能实现：

第一步在150机器上生成公钥：（默认就好）

[root@nginx1 ~]# ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:r9Ct7hQZOtVGahJlpv1YUjHTBFDU3Xpsl925LQDHjSI root@nginx1
The key's randomart image is:
+---[RSA 4096]----+
|      ..=+XB.+ . |
|       *E=oo* o .|
|      o B.++   o=|
|       = O  . .oB|
|      o S .  . o+|
|       o +    ...|
|      . o o    . |
|       o o       |
|       o=        |
+----[SHA256]-----+

第二步将公钥写入到文件~/.ssh/authorized_keys中·

[root@nginx1 ~]# vim ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC5POWAdc6VeD3LBbGp67XeFZy7wk7NyQFuDGnQ7ZBjtHEzf320oLgD91/ZFJqSPCjUFMsQPHliq1dVd1rOQZ4YB+KakkTywIYWow3nPbx5DuXZN9v2k4xuyHepsLbHC0mMqNs73P1vpxARKaU2xmlqZDTMkcjA6iPF0ujOLuCmsoAbu6oatoqe2t/9bV6E+a2o/2xliXE1/Ko5X9HQTAa+OEGVHUI5Z8y+WfnUKHPOUZI0cMSKhPYREaWisFVMGQZ7mvbec7DNIrf/Rb678QRa5oWUq02Y1ERei2d4xVS7zDvNuj2MPHwFNNvz8m6FxPvBzC3M3cYwDQ4iYb2mFX7uMfQo0cJ/zG0GrTHkb2wJsCVcAojyvXNGMnfKyav7UnYMGNlnZTWAPZ0QO1+A/BBL4uoeSOIkCwT5Prtosc1KpcbSN02wwMATnBzjVWmCGwo0R/8TbLa+r4JYXW+Lhz8nIZ5YEyc0CGqX0rYMw/WxcJJko8AaCQs1/393/Ev4l4TaoIhIYrkWT3sf45FLA+LxQQvqzzu2AOtXQZiiujgw/Akzd19E7yrTzrzMqSCGcVhR3NuvqSOZFwtUSv8w2+nPdTGkunCvB5Ud+qcJ/ax3zh3zwA8+LcYqnddpUZixYBD/syVt805nnCjRBc1r04hehE5C8EAUc1J0ermypQ== root@nginx1

第三步在148机器上使用命令ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.58.150将公钥拷贝到150机器上

[root@nginx2 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.58.150
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.58.150 (192.168.58.150)' can't be established.
ED25519 key fingerprint is SHA256:iRElSaP/Ey7gHz9NeGQCU1u2Cpg31m7ydRY1xAiJAjI.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Authorized users only. All activities may be monitored and reported.
root@192.168.58.150's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.58.150'"
and check to make sure that only the key(s) you wanted were added.

第四步测试连通性

[root@nginx2 ~]# ssh root@192.168.58.150

Authorized users only. All activities may be monitored and reported.

Authorized users only. All activities may be monitored and reported.
Last login: Mon Aug 19 12:35:08 2024 from 192.168.58.1


Welcome to 5.10.0-136.12.0.86.oe2203sp1.x86_64

System information as of time: 	Tue Aug 20 06:48:24 AM CST 2024

System load: 	0.00
Processes: 	135
Memory used: 	43.0%
Swap used: 	1.1%
Usage On: 	14%
IP address: 	192.168.58.151
Users online: 	3


[root@nginx1 ~]# 
logout