免密登录操作
一、ssh-keygen生成密钥对
lj@ubuntu ~ % ssh-keygen [0]
Generating public/private rsa key pair.
Enter file in which to save the key (/home/lj/.ssh/id_rsa):
Created directory '/home/lj/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/lj/.ssh/id_rsa
Your public key has been saved in /home/lj/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:xyIbEYaUdvQDIOIXMknL57YgT2jYFv292D+aZP2612c lj@ubuntu
The key's randomart image is:
+---[RSA 3072]----+
|o+ooo== |
|oo+o=..+ |
| +.+... o |
|.o+. . o o |
|+o+o + S o |
|o+o . * = |
| .. o = . . |
| o o... . E|
| o.+=. o |
+----[SHA256]-----+
生成后可以查看
lj@ubuntu ~ % cd .ssh/ [0]
lj@ubuntu .ssh % ls [0]
id_rsa id_rsa.pub
lj@ubuntu .ssh % cat id_rsa.pub [0]
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDRFKSsxsndU7hF4xpnQ0aip6HMFrz6Njb9tf6ecNx5bqhjGm09jVT90qiJ4cU4bK5PnQkQ9POf1qM8nY4FWQK/kDQtX6Vyrbs/IYvThC+G6MIn30ELZXLHMcIdhy8MNYqMrL0ytLUPLh+sd5IuJpWm//CM2Q/gBgeFLaijwqCTKXINn8NXeDgVA9xAMuzyWV9UJGAG/trtYYrs36tw5nlEP4dqGDbxJZBFJ8bMGRDtZTkOyxJw2bq25LQD/cv+9kqsYoasV67S9QoIgz2NkiiPuNHCnzP5cmAx5m/KfgMZUFgJUwX440aFEpcd+5mlL5euydkQVM9xJnHK21oAaa5qRqa/PVy5UkwPuY7BJHXy2sISo4bA++by7uJnnmzaLB2rB5j9CUnYF6TpIrJ0NccP9zojtwfzKobYaADszaD2UAIN8zr02NjZs6Iw5o9kH+HWKX+X++Ssp2huN6uqmRHGQYIA8XC5SroPVem2JOb8aaZsmyO1GnCKazUK8TcvNME= lj@ubuntu
二、公钥复制到另一台机器
我这里通过虚拟机上的Ubuntu远程访问CentOS
首先需要查看ip
CentOS的IP是192.168.145.128
[lj@localhost ~]$ ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:13:79:ad brd ff:ff:ff:ff:ff:ff
inet 192.168.145.128/24 brd 192.168.145.255 scope global dynamic eth0
valid_lft 1775sec preferred_lft 1775sec
inet6 fe80::20c:29ff:fe13:79ad/64 scope link
valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:cb:1c:48 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
link/ether 52:54:00:cb:1c:48 brd ff:ff:ff:ff:ff:ff
5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:e3:4d:ba:d1 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
Ubuntu中的IP是192.168.145.129
lj@ubuntu ~ % ip addr [127]
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:e7:d2:56 brd ff:ff:ff:ff:ff:ff
altname enp2s1
inet 192.168.145.129/24 brd 192.168.145.255 scope global dynamic noprefixroute ens33
valid_lft 1339sec preferred_lft 1339sec
inet6 fe80::2b52:7877:23ac:71e8/64 scope link noprefixroute
valid_lft forever preferred_lft forever
Ubuntu远程访问CentOS: ssh-copy-id lj@192.168.145.128
ssh-copy-id 用户名@另一台机器的IP地址
lj@ubuntu .ssh % ssh-copy-id lj@192.168.145.128 [0]
The authenticity of host '192.168.145.128 (192.168.145.128)' can't be established.
ECDSA key fingerprint is SHA256:x9niIRejGoMuTiInyW0Ube4CFq7HrRggKzcsFcIz7nY.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
lj@192.168.145.128's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'lj@192.168.145.128'"
and check to make sure that only the key(s) you wanted were added.
登录之后可以在ubuntu上操作CentOS
lj@ubuntu ~ % ssh lj@192.168.145.128 [0]
Last login: Thu Jun 23 23:30:31 2022
[lj@localhost ~]$ ls
Desktop Documents fabric git-2.28.0 Library Music Public Videos
下面第一张图是Ubuntu系统,第二张图是CentOS系统
远程登陆成功后输入ls 查看到的是CentOS系统中的内容