主机操作系统为Ubuntu18.04,因为暂时没找到Ubuntu中与Xshell匹配的软件,故而登录其他开发环境主机一般通过ssh命令,但是主机过多,密码容易遗忘,这里通过ssh免密码设置来登录主机。
这里演示从主机免密登录到 192.168.1.6
1 设置hosts
将要登录的服务器的IP设置到hosts中,后续直接使用hostname。
$ sudo vi /etc/hosts
# 新增配置
192.168.1.6 local_6
# 重启网卡
$ sudo service network-manager restart
2 生成本机密钥对
ubuntu@ubuntu:~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/avie/.ssh/id_rsa):
/home/avie/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/avie/.ssh/id_rsa.
Your public key has been saved in /home/avie/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:GrT0vmJHgKDWeAdqR3M4UIHHgll64ZeRmarf2CvD++M avie@ubuntu
The key's randomart image is:
+---[RSA 2048]----+
|.+Bo++ |
|o=.X++ |
|..XoB.o |
|.*.=.+.o |
|o.o . o.S |
|. +. |
| o + ... |
| * + o .. |
| .*E+ o. |
+----[SHA256]-----+
ubuntu@ubuntu:~$
此时会在/home/ubuntu/.ssh目录下生成密钥对
ubuntu@ubuntu:~$ ll .ssh
总用量 20
drwx------ 2 ubuntu ubuntu 4096 5月 17 11:22 ./
drwxr-xr-x 43 ubuntu ubuntu 4096 6月 2 14:15 ../
-rw------- 1 ubuntu ubuntu 1679 6月 2 14:32 id_rsa
-rw-r--r-- 1 ubuntu ubuntu 393 6月 2 14:32 id_rsa.pub
-rw-r--r-- 1 ubuntu ubuntu 1772 6月 2 14:16 known_hosts
ubuntu@ubuntu:~$
3 上传公钥到需要登录的服务器
ubuntu@ubuntu:~$ ssh-copy-id ubuntu@192.168.1.6
The authenticity of host '192.168.1.6 (192.168.1.6)' can't be established.
ECDSA key fingerprint is SHA256:2pzDbXEUlQx28SlyTmxWyhf75mQ1aevwN8kwhjjyuN8.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
avie@192.168.1.6's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'avie@192.168.1.6'"
and check to make sure that only the key(s) you wanted were added.
ubuntu@ubuntu:~$
此时本机的公钥文件内容会追加写入到192.168.1.6 ubuntu用户下的的 .ssh/authorized_keys 文件中
4 测试登录
ubuntu@ubuntu:~$ ssh ubuntu@local_6
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 5.4.0-73-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
17 updates can be applied immediately.
1 of these updates is a standard security update.
To see these additional updates run: apt list --upgradable
New release '20.04.2 LTS' available.
Run 'do-release-upgrade' to upgrade to it.
Your Hardware Enablement Stack (HWE) is supported until April 2023.
Last login: Wed May 26 17:59:42 2021 from 192.168.1.64
ubuntu@ubuntu-HP-Z2-G4-Entry-Tower-Workstation:~$ ifconfig -a
...
显示已经登录到1.6主机。此时如果本机的账户,与1.6需要登录的账户都是ubuntu的话,命令可以缩减为ssh local_6
5 错误处理
如果在使用ssh-copy-id时出现出现Host key verfication failed错误,
ubuntu@ubuntu:~$ ssh-copy-id ubuntu@192.168.1.6
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/ubuntu/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
ERROR: Someone could be eavesdropping on you right now (man-in-the-middle attack)!
ERROR: It is also possible that a host key has just been changed.
ERROR: The fingerprint for the ECDSA key sent by the remote host is
ERROR: SHA256:2pzDbXEUlQx28SlyTmxWyhf75mQ1aevwN8kwhjjyuN8.
ERROR: Please contact your system administrator.
ERROR: Add correct host key in /root/.ssh/known_hosts to get rid of this message.
ERROR: Offending ECDSA key in /root/.ssh/known_hosts:3
ERROR: remove with:
ERROR: ssh-keygen -f "/root/.ssh/known_hosts" -R "192.168.1.6"
ERROR: ECDSA host key for 192.168.1.6 has changed and you have requested strict checking.
ERROR: Host key verification failed.
ubuntu@ubuntu:~$
解决命令:ssh-keygen -R 目标IP地址 :
ubuntu@ubuntu:~$ ssh-keygen -R 192.168.1.6
# Host 192.168.1.6 found: line 3
/home/ubuntu/.ssh/known_hosts updated.
Original contents retained as /home/avie/.ssh/known_hosts.old
ubuntu@ubuntu:~$ sudo ssh-copy-id avie@192.168.1.6
而后重新执行ssh-copy-id
即可。