目标:实现lala密钥登录(免密登录)haha
在lala这台机器上,用ssh-keygen生成私钥和公钥(期间会让你设置保存密钥的文件以及密钥的密码,可以直接一路回车)
[root@lala ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:4szGn9mUsmB+dLwXrBQZj3ja7Yk1C59wRuA8K3GIuWw root@lala
The key's randomart image is:
+---[RSA 2048]----+
| |
| o |
| o = * |
| o + X o |
| ...SB B |
| =E.+ O.O |
| .O..+o% * |
| + o.B+ B |
| ..= .. |
+----[SHA256]-----+
用ssh-copy-id命令将lala的密匙复制到haha上(你需要知道haha的root密码)
[root@lala ~]# ssh-copy-id 192.168.39.12 #192.168.39.12是haha的ip
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.39.12 (192.168.39.12)' can't be established.
ECDSA key fingerprint is SHA256:ls75HuHSVkhlPKZdSB/cBQfyFpGGb95CHWhOxVpT/yw.
ECDSA key fingerprint is MD5:39:89:07:ce:08:8c:ad:53:f0:19:3b:1d:28:28:30:8f.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.39.12's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.39.12'"
and check to make sure that only the key(s) you wanted were added.
在lala上测试登录haha,无需输密码直接登录haha
[root@lala ~]# ssh 192.168.39.12
Last login: Thu Jan 2 11:24:57 2020 from 192.168.39.1
[root@haha ~]#