在进行多台服务器的使用时,如果每个都去进行输密码的话很麻烦,为了简单一点,我们可以配置多台服务器之间的免密登录,这个免密登录是多台服务器之间相互登录是免密的。
概述
我这里配置的是三态服务器(虚拟服务器)之间的免密登录,总共三个步骤:
我的服务器名:bdc112 bdc113 bdc114
配置步骤:
1、在某一台上生成公钥(以bdc114)为例:
#生成公钥
#路径 /home/lqs/.ssh
ssh-keygen -t rsa
2、将公钥拷贝到我们要免密登录的服务器上(这里以bdc112 bdc113 bdc114为例)
#将公钥拷贝到本身
ssh-copy-id bdc112
#将公钥拷贝到bdc113
ssh-copy-id bdc113
将公钥拷贝到bdc114
ssh-copy-id bdc114
3、如果我们想让服务器之间分别进行免密登录,则对应的去改服务器进行以上三步的操作就可以了。
最好是在主要使用的一台服务器上配置一下root(/root/.ssh)下的免密登录到其它设备,操作和上面是一样的,只不过是只需要操作一台罢了。
以bdc114的免密配置过程如下
注意:bdc112 bdc113 这之前同他们两个的我是配置好了的!!!
#进入到秘钥存储的目录下
[lqs@bdc114 ~]$ cd /home/lqs/.ssh/
[lqs@bdc114 .ssh]$ ll
总用量 4
-rw-------. 1 lqs lqs 784 12月 5 19:26 authorized_keys
#生成bdc114上生成公钥
[lqs@bdc114 .ssh]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/lqs/.ssh/id_rsa): #按回车键即可
Enter passphrase (empty for no passphrase): #按回车键即可
Enter same passphrase again: #按回车键即可
Your identification has been saved in /home/lqs/.ssh/id_rsa.
Your public key has been saved in /home/lqs/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:n/Enk63YJpr3AKKiJiPWOtJOO/ymNqrYqfH6dykjBXo lqs@bdc114
The key's randomart image is:
+---[RSA 2048]----+
| |
| |
| |
| . |
| . . . S . |
|. E .. . o + o |
|.++.. . + = o |
|*XB== o .o+.= |
|#X@O.+ oo.++ |
+----[SHA256]-----+
#将秘钥拷贝到bdc112上
[lqs@bdc114 .ssh]$ ssh-copy-id bdc112
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/lqs/.ssh/id_rsa.pub"
The authenticity of host 'bdc112 (192.168.10.112)' can't be established.
ECDSA key fingerprint is SHA256:ZGPgFcu+jpGTP7mIzWbS5cydLEt9jOxmUYYHXQxTH9s.
ECDSA key fingerprint is MD5:46:02:86:f7:1c:c3:63:25:be:d8:c1:21:fe:29:04:f9.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
lqs@bdc112's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'bdc112'"
and check to make sure that only the key(s) you wanted were added.
#将秘钥拷贝到bdc113上
[lqs@bdc114 .ssh]$ ssh-copy-id bdc113
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/lqs/.ssh/id_rsa.pub"
The authenticity of host 'bdc113 (192.168.10.113)' can't be established.
ECDSA key fingerprint is SHA256:ZGPgFcu+jpGTP7mIzWbS5cydLEt9jOxmUYYHXQxTH9s.
ECDSA key fingerprint is MD5:46:02:86:f7:1c:c3:63:25:be:d8:c1:21:fe:29:04:f9.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
lqs@bdc113's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'bdc113'"
and check to make sure that only the key(s) you wanted were added.
#将秘钥拷贝到bdc114上
[lqs@bdc114 .ssh]$ ssh-copy-id bdc114
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/lqs/.ssh/id_rsa.pub"
The authenticity of host 'bdc114 (192.168.10.114)' can't be established.
ECDSA key fingerprint is SHA256:ZGPgFcu+jpGTP7mIzWbS5cydLEt9jOxmUYYHXQxTH9s.
ECDSA key fingerprint is MD5:46:02:86:f7:1c:c3:63:25:be:d8:c1:21:fe:29:04:f9.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
lqs@bdc114's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'bdc114'"
and check to make sure that only the key(s) you wanted were added.
#免密登录到设备bdc112上
[lqs@bdc114 .ssh]$ ssh bdc112
Last login: Sun Dec 5 19:27:03 2021 from bdc113
[lqs@bdc112 ~]$ exit
登出
Connection to bdc112 closed.
#免密登录到设备bdc113上
[lqs@bdc114 .ssh]$ ssh bdc113
Last failed login: Sun Dec 5 19:23:11 CST 2021 from bdc112 on ssh:notty
There was 1 failed login attempt since the last successful login.
Last login: Sun Dec 5 19:03:52 2021 from 192.168.10.15
[lqs@bdc113 ~]$ exit
登出
Connection to bdc113 closed.