一、客户端配置
1、客户端生成密钥,传送到服务器(如果是windows客户端可以使用puttygen生成密钥):
[root@localhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): //密钥文件保存的路径,不修改,直接回车
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): //是否为密钥设置密码,不设置直接回车
Enter same passphrase again: //再次确认密码
[root@localhost ~]# cat .ssh/id_rsa.pub //查看生成的公钥信息
[root@localhost ~]# cat .ssh/id_rsa //查看生成密钥信息
2、将生成的密钥信息传送到服务器:
[root@localhost ~]# ssh-copy-id 192.168.10.10
A key fingerprint is e4:bd:ba:43:01:23:ae:67:05:aa:d3:85:c5:78:60:68.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.10.10's password: //输入远程服务器的root密码
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.10.10'"
and check to make sure that only the key(s) you wanted were added.
3、这样就可以不使用密码ssh远程服务器了,服务器端无需任何操作
[root@localhost ~]# ssh 192.168.10.10
二、服务器端:
[root@localhost ~]# cat .ssh/authorized_keys //查看客户端传送过来的密钥信息
[root@localhost ~]# vim /etc/ssh/sshd_config
//编辑ssh的配置文件,将78行的使用密码认证的配置把yes改成no,这样就仅能使用密钥这台服务器。
如果是windows登录Linux系统,参考这边博客:https://blog.csdn.net/qq_21453783/article/details/97799449