普通用户下
qc@localhost: ssh-keygen -t rsa
Generating public/private rsa key pair.
_I
Enter file in which to save the key (/root/.ssh/id_rsa): 默认直接回车
Enter passphrase (empty for no passphrase):这里输入密码
Enter same passphrase again: 确认密码
Your identification has been saved in /root/.ssh/id_rsa.
CDvsQb
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ae:1e:a6:49:b9:51:1e:27:bc:a6:7d:dd:bb:6b:1a:55
创建后的密钥在用户主目录中的隐藏目录 .ssh 中
qc@localhost:cd .ssh
qc@ localhost .ssh:ls
authorized_keys id_rsa id_rsa.pub known_hosts
i d_rsa.pub 是公钥, id_rsa 是私钥, known_hosts 保存着所有已发生连接服务器的信息,需要将公钥里的信息拷贝到登陆服务器用户主目录中的隐藏目录 .ssh 的文件 authorized_keys 中
qc@localhost .ssh:ssh-copy-id –i id_rsa.pub server@192.168.1.111
或者将 id_rsa.pub 直接拷贝过去放到服务器 .ssh 目录下,改名为 authorized_keys
在登录的时候可能遇到问题,提示 Permission denied(publickey,gssapi-with-mic)
有两种可能,
一是公钥没有添加到服务器 ( 照上一步重新做一遍 )
二是需要本地没添加 rsa 密钥,做如下操作
重新添加一遍 id_rsa
ssh-add id_rsa
# 如果提示 could not open a connection to your authentication agent
终端做如下操作
ssh-agent bash
ssh-add id_rsa # 输入密码
Ok 现在应该可以登录了