ssh 无秘钥登录
(1)密钥
[root@localhost ~]# ssh-keygen -t dsa (默认回车三下)
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
fa:65:a6:b8:6f:d1:f1:e0:40:2e:56:50:85:24:99:b5 root@localhost.localdomain
The key's randomart image is:
+--[ DSA 1024]----+
| oB+o. |
| o.+. |
| +E |
| o o o |
| . .S+ + |
| .. o . |
| . .+ |
| o.= |
| o++ |
+-----------------+
(2)查看产生的密钥 会产生两个文件一个id_dsa是密钥 一个id_dsa.pub是公钥
[root@localhost ~]# ls -l .ssh/
总用量 8
-rw-------. 1 root root 672 3月 29 02:35 id_dsa
-rw-r--r--. 1 root root 616 3月 29 02:35 id_dsa.pub
(3)把公钥发给其他服务器 要输入yes 和对向服务器的密码
这里特别注意如果对方ssh端口不是22,是其他端口用""括起来加-p
例如ssh-copy-id -i .ssh/id_dsa.pub "-p21 root@192.168.2.142"
[root@localhost ~]# ssh-copy-id -i .ssh/id_dsa.pub root@192.168.2.142
The authenticity of host '192.168.2.142 (192.168.2.142)' can't be established.
RSA key fingerprint is 1c:f0:dd:01:d6:58:5e:e9:07:37:b4:cc:c4:91:59:de.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.2.142' (RSA) to the list of known hosts.
root@192.168.2.142's password:
Now try logging into the machine, with "ssh 'root@192.168.2.142'", and check in:
.ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.
(4)无密钥登录
[root@localhost ~]# ssh -p22 root@192.168.2.142
Last login: Sun May 6 20:15:39 2018 from 192.168.2.149