ssh 无秘钥登录

ssh 无秘钥登录

（1）密钥

 [root@localhost ~]#  ssh-keygen -t dsa  （默认回车三下）

Generating public/private dsa key pair.

Enter file in which to save the key (/root/.ssh/id_dsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_dsa.

Your public key has been saved in /root/.ssh/id_dsa.pub.

The key fingerprint is:

fa:65:a6:b8:6f:d1:f1:e0:40:2e:56:50:85:24:99:b5 root@localhost.localdomain

The key's randomart image is:

+--[ DSA 1024]----+

|      oB+o.      |

|      o.+.       |

|       +E        |

|      o o o      |

|     . .S+ +     |

|       .. o .    |

|      .  .+      |

|       o.=       |

|      o++        |

+-----------------+

（2）查看产生的密钥 会产生两个文件一个id_dsa是密钥 一个id_dsa.pub是公钥

[root@localhost ~]# ls -l .ssh/

总用量 8

-rw-------. 1 root root 672 3月  29 02:35 id_dsa

-rw-r--r--. 1 root root 616 3月  29 02:35 id_dsa.pub

（3）把公钥发给其他服务器 要输入yes 和对向服务器的密码

  这里特别注意如果对方ssh端口不是22，是其他端口用""括起来加-p

例如ssh-copy-id -i .ssh/id_dsa.pub "-p21  root@192.168.2.142"

[root@localhost ~]# ssh-copy-id -i .ssh/id_dsa.pub root@192.168.2.142

The authenticity of host '192.168.2.142 (192.168.2.142)' can't be established.

RSA key fingerprint is 1c:f0:dd:01:d6:58:5e:e9:07:37:b4:cc:c4:91:59:de.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.2.142' (RSA) to the list of known hosts.

root@192.168.2.142's password:

Now try logging into the machine, with "ssh 'root@192.168.2.142'", and check in:
.ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.

（4）无密钥登录

[root@localhost ~]# ssh -p22 root@192.168.2.142

Last login: Sun May  6 20:15:39 2018 from 192.168.2.149