ssh-keygen/ssh-copy-id 免密登录

ssh-keygen/ssh-copy-id 免密登录

• ssh-keygen
  ssh-keygen用来生成ssh公钥认证所需的公钥和私钥文件。

[root@localhost ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa
//  -t 密钥类型  -f 密钥文件路径及名称  
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 	#输入密码 不输入可直接回车
Enter same passphrase again: 			#重复输入密码 不输入可直接回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:J0JI/hmzGq6pPRRgzIejwzlGLqBHxXlcAQu3JNwGfl4 root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|o .+*=+oo.       |
|oB.=+*=o         |
|Oo+ +oB E        |
|=*o  = *         |
|oo... * S .      |
|  .. o . o       |
| .  o            |
| ..o             |
|..+.             |
+----[SHA256]-----+

ssh-keygen常用参数说明:

-t 指定要创建的密钥类型。可以使用：“rsa1”(SSH-1) “rsa”(SSH-2) “dsa”(SSH-2)

-f 指定密钥文件名。
-C 添加注释

-N 提供一个新的密语。

• 查看~/.ssh/的 文件:

[root@localhost ~]# cd ~/.ssh/
[root@localhost .ssh]# ls
id_rsa  id_rsa.pub  known_hosts
公钥			私钥

• ssh-copy-id把当前服务器的公钥发送给别的服务器
• ssh-copy-id root@192.168.80.140 默认用法

# -i 指定文件 -p 指定端口   目标IP
[root@localhost .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub -p 22 root@192.168.80.140
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.80.140's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p '22' 'root@192.168.80.140'"
and check to make sure that only the key(s) you wanted were added.

[root@localhost .ssh]# ssh root@192.168.80.140
Last login: Wed Dec  9 11:43:34 2020 from 192.168.80.1      #成功免密登录
[root@localhost ~]#