SSH免密的结果:
主机1 通过SSH免密直接登录主机2(目标主机)
1.生成ssh密钥
在主机1操作:根据DSA算法在生成SSH密钥文件
ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:O4bLYxXfBg7+eayl9yd5YpiT5g/QYGgxYrBgsUBEBww root@server1
The key's randomart image is:
+---[RSA 2048]----+
|E==o..o o |
| +.o o . + |
| . . o o |
| .o..o |
| .S=.o. |
| .o.o.o |
| ..+. +o+ . |
| .oo .ooX.= o |
| .o. o*.=o= |
+----[SHA256]-----+
一路回车就行
在相应的目录下查看生成的密钥文件
id_rsa为私钥文件,id_rsa.pub为公钥文件
2.配置ssh免密登录
将密钥传输给其他服务器
方法一:
将主机1生成的公钥文件id_rsa.pub拷贝至主机2
cd ~/.ssh
ssh-copy-id -i ~/.ssh/id_rsa.pub root@{主机2的ip}:~/.ssh
ssh-copy-id命令执行之后会在主机2的~/.ssh/目录下生成文件authorized_keys
方法二(推荐):
平常大家使用的都是方法一,这边建议使用方法二
主机1执行:
cd ~/.ssh
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
将主机1生成的公钥文件id_rsa.pub拷贝至主机2
scp ~/.ssh/id_rsa.pub root@{主机2的ip}:~/
主机2执行:
cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
3.设置文件目录权限
主机2执行:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys