多台Linux主机配置免密登录互信

看着博客敲代码

已于 2022-08-05 16:35:06 修改

阅读量1.8k

点赞数

分类专栏： Linux命令文章标签： linux ssh 运维

于 2021-09-15 21:24:23 首次发布

本文链接：https://blog.csdn.net/qq_46023525/article/details/120316796

版权

Linux命令专栏收录该内容

12 篇文章 0 订阅

订阅专栏

多台Linux主机之间配置免密登录

以三台主机为例

192.168.*.195

192.168.*.156

192.168.*.88

全部命令

每一台都要操作
ssh-keygen -t rsa
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
一台操作即可，我这里在195上操作
ssh 192.168.31.156 cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
ssh 192.168.31.88 cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
scp /root/.ssh/authorized_keys 192.168.31.156:/root/.ssh/
scp /root/.ssh/authorized_keys 192.168.31.88:/root/.ssh/
测试
ssh 192.168.*.156
ssh 192.168.*.88

详细操作步骤：

每一台都需要操作

#生成RSA密钥和公钥
[root@MiWiFi-R4CM-srv ~]# ssh-keygen -t rsa
#一路回车即可
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:vz/rIKOO/vIGhrtyDzMQ304SsDtnnLIOMTZdAt/nGl0 root@MiWiFi-R4CM-srv
The key's randomart image is:
+---[RSA 2048]----+
|..               |
| oo .            |
|o .o o . E       |
| =.+o + .        |
|BoBoo. oS        |
|.Xo+o o  .       |
|o +o.o  o o      |
|+ o+.... o o.    |
| +.++*=   .o+o   |
+----[SHA256]-----+

#将公钥写到一个配置文件中
[root@MiWiFi-R4CM-srv .ssh]# cat ~/.ssh/id_rsa.pub >> ~/.ssh/gongyaowenjian_keys
#查看authorized_keys文件已经存在
[root@MiWiFi-R4CM-srv ~]# ll /root/.ssh/
总用量 12
-rw-r--r--. 1 root root  402 9月  15 20:36 authorized_keys
-rw-------. 1 root root 1679 9月  15 20:35 id_rsa
-rw-r--r--. 1 root root  402 9月  15 20:35 id_rsa.pub

#当前authorized_keys文件权限为644，要改为600
[root@MiWiFi-R4CM-srv ~]# chmod 600 /root/.ssh/authorized_keys 
[root@MiWiFi-R4CM-srv ~]# ll /root/.ssh/
总用量 12
-rw-------. 1 root root  402 9月  15 20:36 authorized_keys
-rw-------. 1 root root 1679 9月  15 20:35 id_rsa
-rw-r--r--. 1 root root  402 9月  15 20:35 id_rsa.pub

在一台操作
我这里使用的是192.168.*.195

#统一authorized_keys文件
[root@MiWiFi-R4CM-srv ~]# ssh 192.168.*.156 cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys 
The authenticity of host '192.168.*.156 (192.168.*.156)' can't be established.
ECDSA key fingerprint is SHA256:d4QP3/Xj22GzPV05DIhGlHP6xocO4yAut8SSZpLrL+Q.
ECDSA key fingerprint is MD5:ca:08:5c:27:73:91:8f:70:f0:cd:64:b3:40:fe:18:38.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.*.156' (ECDSA) to the list of known hosts.'
输入156的密码
Password: 
#统一authorized_keys文件
[root@MiWiFi-R4CM-srv ~]# ssh 192.168.*.88 cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys 
The authenticity of host '192.168.*.88 (192.168.*.88)' can't be established.
ECDSA key fingerprint is SHA256:SfuCQSJDa8Ql2WjuznB5hnbkIh2P/dv+ly4ho0aYv+I.
ECDSA key fingerprint is MD5:b4:6c:c1:41:11:c5:2e:4f:16:47:44:90:12:ec:de:7c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.*.88' (ECDSA) to the list of known hosts.'
输入88的密码
root@192.168.*.88's password:

分发统一后的文件到其它主机

[root@MiWiFi-R4CM-srv ~]# scp /root/.ssh/authorized_keys 192.168.*.156:/root/.ssh/
Password: 
authorized_keys                                    100% 1378     1.1MB/s   00:00    
[root@MiWiFi-R4CM-srv ~]# scp /root/.ssh/authorized_keys 192.168.*.88:/root/.ssh/
root@192.168.*.88's password: 
authorized_keys                                    100% 1378     1.5MB/s   00:00

测试

195上测试
[root@MiWiFi-R4CM-srv ~]# ssh 192.168.*.156
Last login: Wed Sep 15 20:43:38 2021 from 192.168.31.195
[root@MiWiFi-R4CM-srv ~]# exit
登出
Connection to 192.168.*.156 closed.
[root@MiWiFi-R4CM-srv ~]# ssh 192.168.*.88
Last login: Wed Sep 15 20:33:19 2021 from 192.168.31.195
[root@MiWiFi-R4CM-srv ~]# exit
登出
Connection to 192.168.*.88 closed.

156测试    第一次连接需要输入yes
[root@MiWiFi-R4CM-srv ~]# ssh 192.168.*.195
The authenticity of host '192.168.*.195 (192.168.*.195)' can't be established.
ED25519 key fingerprint is SHA256:qZPr+ZsYF+wQJQM2BFqZk4I10gsLSg0fNmWw2Xr14Y4.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.*.195' (ED25519) to the list of known hosts.
Last login: Wed Sep 15 20:00:29 2021 from 192.168.31.198'
[root@MiWiFi-R4CM-srv ~]# exit
登出
Connection to 192.168.*.195 closed.
[root@MiWiFi-R4CM-srv ~]# ssh 192.168.*.88
The authenticity of host '192.168.*.88 (192.168.*.88)' can't be established.
ED25519 key fingerprint is SHA256:30Jol+0eG+w79b25kc0OjQYfQwtRjSKBHWEJMuFcJg4.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.*.88' (ED25519) to the list of known hosts.
Last login: Wed Sep 15 20:44:37 2021 from 192.168.*.195'
[root@MiWiFi-R4CM-srv ~]# exit
登出
Connection to 192.168.*.88 closed.

88测试    第一次连接需要输入yes
[root@MiWiFi-R4CM-srv ~]# ssh 192.168.*.195
The authenticity of host '192.168.*.195 (192.168.*.195)' can't be established.
ECDSA key fingerprint is SHA256:IsAilvvepWp/wkUp0PRqPBGOSGsIj749U7ZIW1J2eGY.
ECDSA key fingerprint is MD5:e2:25:f7:59:8b:b5:f9:38:e8:62:7e:40:f4:27:a8:0a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.*.195' (ECDSA) to the list of known hosts.
Last login: Wed Sep 15 20:45:16 2021 from 192.168.*.156'
[root@MiWiFi-R4CM-srv ~]# exit
登出
Connection to 192.168.*.195 closed.
[root@MiWiFi-R4CM-srv ~]# ssh 192.168.*.156
The authenticity of host '192.168.*.156 (192.168.*.156)' can't be established.
ECDSA key fingerprint is SHA256:d4QP3/Xj22GzPV05DIhGlHP6xocO4yAut8SSZpLrL+Q.
ECDSA key fingerprint is MD5:ca:08:5c:27:73:91:8f:70:f0:cd:64:b3:40:fe:18:38.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.*.156' (ECDSA) to the list of known hosts.
Last login: Wed Sep 15 20:44:09 2021 from 192.168.*.195'
[root@MiWiFi-R4CM-srv ~]# exit
登出
Connection to 192.168.*.156 closed.