linux免密码登录节点服务器

在日常的运维工作中，密码远程登录节点服务器做运维是一件比较闹心的问题，复杂的密码，很容易在登录时出现错误，这就需要用到公钥验证登录,通过ssh-keygen生成本服务器的公钥和私钥

[root@mail zhb]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ed:0c:39:0a:05:ea:3c:25:f0:97:55:17:6e:5a:79:83 root@mail
The key's randomart image is:
+--[ RSA 2048]----+
|.   . ... o.     |
| o . +   o o     |
|  + + .   E o    |
| o + .   * . .   |
|  + .   S .      |
|   . . . =       |
|      .   o      |
|                 |
|                 |
+-----------------+

并将主机的id_rsa.pub文件复制到节点服务器上。

[root@mail ~]# scp ~/.ssh/id_rsa.pub root@10.0.0.5:~/.ssh/pub_key

到节点服务器上添加authorized_keys文件，将主机的公钥追加到节点服务器的authorized_keys

[root@agent1 ~]# cat pub_key >>~/.ssh/authorized_keys

完成即可从主机节点免密码登录到节点服务器上。
如果需要ansible 工具执行免密码，还需要在ansibel主机上执行如下命令

ansible app -m authorized_key -a "user=root key='{{ lookup('file','/root/.ssh/id_rsa.pub') }}'" -k

若您觉的还有不足，请赐教