SSH实现各个服务器间的文件相互备份,如运行scp命令,可以实现免密码登录,从而可以使用SHELL脚本实现一些自动化的处理。
假如A机要免密码登录B机,具体方法如下:
1、在A机运行:"ssh-keygen -t rsa" 命令,创建公钥信息
#ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (<UseHome>/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in <UseHome>/.ssh/id_rsa.
Your public key has been saved in <UseHome>.ssh/id_rsa.pub.
The key fingerprint is:
ba:2c:77:eb:6d:aa:aa:d8:37:08:2f:b1:b9:e8:5a:2f <UseName>@<HostName>
注意:输入 ssh -keygen -t rsa 后不用管提示的信息 直接回车即可
输入后,会提示创建.ssh/id_rsa、id_rsa.pub的文件,其中第一个为密钥,第二个为公钥。过程中会要求输入密码,为了ssh访问过程无须密码,可以直接回车
2、公钥部署
拷贝id_rsa.pub中的内容到需要访问的主机,并建立~/.ssh/authorized_keys文件,将先前的id_rsa.pub拷贝到目标机B,如果.ssh目录不存在,则建立文件夹,并将权限设置为700,同时将authorized_keys文件权限设为644,.ssh文件下及下的authorized_keys文件都属于root。
在设置权限的时候还可以:chmod -R 700 ~/.ssh/
#mkdir -m=700 .ssh
#cp id_rsa.pub .ssh/authorized_keys
#chown root .ssh/authorized_keys 这里root 是本机用户名 如果这里名称不正确:sudo chown kg:kg authorized_keys
#chmod 644 .ssh/authorized_keys
3. ssh访问
使用ssh <IP/HOSTNAME>进行访问,第一次需要保存ssh认证信息,以后则可以自动登录,其他相关ssh相关程序诸如scp等也可以无需密码
# ssh <TargetHost>
The authenticity of host '<TargetHost> (<TargetIP>)' can't be established.
RSA key fingerprint is 34:b9:92:06:53:e6:91:4d:47:92:73:57:78:6a:5d:09.
Are you sure you want to continue connecting (yes/no)?yes
Warning: Permanently added '<TargetHost>,<TargetIP>' (RSA) to the list of known hosts.
4.多机部署
如果C机也需要无密码访问B机,则将C的公钥id_rsa.pub复制到B机中文件~/.ssh/authorized_keys的内容末端
#cat id_dsa.pub >> .ssh/authorized_keys
转自:
https://blog.csdn.net/xueling022/article/details/52912434