ssh-keygen/ssh-copy-id 免密登录
- ssh-keygen
ssh-keygen用来生成ssh公钥认证所需的公钥和私钥文件。
[root@localhost ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa
// -t 密钥类型 -f 密钥文件路径及名称
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): #输入密码 不输入可直接回车
Enter same passphrase again: #重复输入密码 不输入可直接回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:J0JI/hmzGq6pPRRgzIejwzlGLqBHxXlcAQu3JNwGfl4 root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|o .+*=+oo. |
|oB.=+*=o |
|Oo+ +oB E |
|=*o = * |
|oo... * S . |
| .. o . o |
| . o |
| ..o |
|..+. |
+----[SHA256]-----+
ssh-keygen常用参数说明:
-t 指定要创建的密钥类型。可以使用:“rsa1”(SSH-1) “rsa”(SSH-2) “dsa”(SSH-2)
-f 指定密钥文件名。
-C 添加注释
-N 提供一个新的密语。
- 查看~/.ssh/的 文件:
[root@localhost ~]# cd ~/.ssh/
[root@localhost .ssh]# ls
id_rsa id_rsa.pub known_hosts
公钥 私钥
- ssh-copy-id把当前服务器的公钥发送给别的服务器
- ssh-copy-id root@192.168.80.140 默认用法
# -i 指定文件 -p 指定端口 目标IP
[root@localhost .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub -p 22 root@192.168.80.140
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.80.140's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh -p '22' 'root@192.168.80.140'"
and check to make sure that only the key(s) you wanted were added.
[root@localhost .ssh]# ssh root@192.168.80.140
Last login: Wed Dec 9 11:43:34 2020 from 192.168.80.1 #成功免密登录
[root@localhost ~]#