ssh 免秘钥登录 三部曲

最新推荐文章于 2022-11-02 15:51:54 发布
最新推荐文章于 2022-11-02 15:51:54 发布
阅读量164 收藏
点赞数
分类专栏: 运维
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/shi860715/article/details/110162827
版权

ssh 免秘钥登录 三部曲

文章目录

1、 在本地生成公钥和私钥

#一路回车生成公钥和私钥
[root@localhost ~]# ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:KfL1gIUWVwAPFewag+mtLCNb5QIENYUqbsfHRNgAwFc root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|=o++*E++=+.      |
|...+ o *.        |
| o. .oo.o        |
|+   oooo..       |
|+ ..=.o+S        |
| + =.=oo o       |
|. +.o..   .      |
|..o.o            |
|.o o             |
+----[SHA256]-----+
#查看生成的公钥和私钥
[root@localhost ~]# cd .ssh/
[root@localhost .ssh]# ll
总用量 8
-rw-------. 1 root root 1679 11月 26 09:44 id_rsa
-rw-r--r--. 1 root root  408 11月 26 09:44 id_rsa.pub

2 copy 公钥到指定的服务器上

#将公钥上传到指定的服务器 181
[root@localhost .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.85.181
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.85.181 (192.168.85.181)' can't be established.
ECDSA key fingerprint is SHA256:PUjRMwDyNBxcSqV/pYAV9eocokrA75vumYA5v4LzsQU.
ECDSA key fingerprint is MD5:1c:c6:4f:53:8e:80:9a:ed:f7:db:2d:72:b7:4c:47:16.
Are you sure you want to continue connecting (yes/no)? yew^Hs^H^H^H
Please type 'yes' or 'no': yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.85.181's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.85.181'"
and check to make sure that only the key(s) you wanted were added.

您在 /var/spool/mail/root 中有新邮件
#将公钥上传到指定的服务器 182
[root@localhost .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.85.182
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.85.182 (192.168.85.182)' can't be established.
ECDSA key fingerprint is SHA256:PUjRMwDyNBxcSqV/pYAV9eocokrA75vumYA5v4LzsQU.
ECDSA key fingerprint is MD5:1c:c6:4f:53:8e:80:9a:ed:f7:db:2d:72:b7:4c:47:16.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.85.182's password: 
Permission denied, please try again.
root@192.168.85.182's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.85.182'"
and check to make sure that only the key(s) you wanted were added.
#将公钥上传到指定的服务器 183
[root@localhost .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.85.183
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.85.183 (192.168.85.183)' can't be established.
ECDSA key fingerprint is SHA256:PUjRMwDyNBxcSqV/pYAV9eocokrA75vumYA5v4LzsQU.
ECDSA key fingerprint is MD5:1c:c6:4f:53:8e:80:9a:ed:f7:db:2d:72:b7:4c:47:16.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.85.183's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.85.183'"
and check to make sure that only the key(s) you wanted were added.
#将公钥上传到指定的服务器 184
[root@localhost .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.85.184
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.85.184 (192.168.85.184)' can't be established.
ECDSA key fingerprint is SHA256:PUjRMwDyNBxcSqV/pYAV9eocokrA75vumYA5v4LzsQU.
ECDSA key fingerprint is MD5:1c:c6:4f:53:8e:80:9a:ed:f7:db:2d:72:b7:4c:47:16.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.85.184's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.85.184'"
and check to make sure that only the key(s) you wanted were added.
#通过ssh 登录181 服务器
[root@localhost .ssh]# ssh root@192.168.85.181
Last login: Thu Nov 26 09:29:32 2020 from 192.168.85.1
[root@localhost ~]# ll
总用量 12
-rw-r--r--. 1 root root  363 11月 26 09:29 ]
-rw-------. 1 root root 1336 5月  19 2020 anaconda-ks.cfg
-rw-r--r--. 1 root root    6 5月  20 2020 a.txt

3 免秘钥登录测试

#通过ip 命令来验证登录情况
[root@localhost ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:c6:7b:74 brd ff:ff:ff:ff:ff:ff
    inet 192.168.85.181/24 brd 192.168.85.255 scope global noprefixroute ens32
       valid_lft forever preferred_lft forever
    inet6 fe80::ccc4:2754:3067:5c4a/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::f656:8e3a:425c:790e/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:06:90:6c:a7 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 scope global docker0
       valid_lft forever preferred_lft forever
[root@localhost ~]#
南京小菜
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
ssh密钥登录的坑
chen5131421的专栏
04-15 8736
有工程通过页面上不小心把/home/admin下面所有目前都改成777后,导致.ssh改成700也不管用,~/.ssh/authorized_keys就算改成了600都不管用的场景。SSH密钥登录永远都不能成功。 Connection to hsslave3 closed. [admin@hsmaster .ssh]$ ssh-copy-id hsslave4 /bin/ssh-copy-i...
linux设置公钥登录问题解决
qq_43655313的博客
03-13 1218
在服务器添加完公钥后报错 1 sign_and_send_pubkey: signing failed: agent refused operation   这个时候我们只要执行下 1 2 eval"$(ssh-agent -s)" ssh-add ssh-copy-id -i /root/.ssh/id_rsa.pub student@172.16.10.10 报错/usr/bin/ss...
centos 7 SSH登录报错
crseven777的博客
11-02 903
centos 7 ssh登录报错
问题记录:ubuntu中ssh配置
学在途中
06-21 2462
开始出现问题: ubuntu@ip-172-31-30-98:$ ssh-copy-id ubuntu@ip-172-31-30-98 /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-c
关于ssh密登陆脚本实现的一些想法
zsk_john的技术分享专用博客
04-16 1050
关于ssh密登陆脚本实现的一些想法 通常ssh密应用在集群机器的管理方面,密的目的是为了运维的方便,但不是说就没有安全可言。虽然,密的时候执行ssh-keygen 的时候,没有并且也不应该输入密码,但通过密钥分发的操作后,只有具有密钥公钥的机器才可以密登陆,也就是说这一把钥匙还是在你自己的手中,因此,安全性还是无需担心的。 那么,我们可以仔细的观察一下公钥的生成过程,来看一看到底有什么奥秘在其...
ubuntu ssh密钥_生成SSH密钥以在Ubuntu中进行无密码登录
从零开始的教程世界
07-09 2249
ubuntu ssh密钥SSH (Secure Shell) is a cryptographic network protocol which is used for establishing secure connections between a remote client and a server, using the TCP protocol for security and relia...
centos ssh密钥_如何在CentOS 8上设置SSH密钥
08-16 1070
centos ssh 密钥 介绍 (Introduction) SSH, or secure shell, is an encrypted protocol used to administer and communicate with servers. When working with a CentOS server, chances are you will spend most of yo...
Linux下实现SSH密码登录和实现秘钥的管理、分发、部署SHELL脚本分享
09-15
本篇文章将详细阐述如何在Linux系统中实现SSH密码登录,以及如何通过Shell脚本来管理、分发和部署SSH密钥。 首先,我们要理解SSH密码登录的基本原理。SSH使用公钥/私钥对进行身份验证。公钥相当于一把锁,私钥...
centos6.5配置ssh秘钥登陆执行pssh命令的讲解
09-15
SSH(Secure Shell)协议就是用于在Linux或Unix系统之间安全地进行远程登录和文件传输的工具。本文将深入讲解如何在CentOS 6.5系统上配置SSH密钥登陆,并使用pssh命令批量执行命令。这种方法对于管理员来说,尤其...
Linux下SSH密码登录配置详解
09-14
在Linux系统中,SSH(Secure Shell)是一种用于在不同网络之间安全地传输数据和提供远程登录...但请注意,密码登录虽然方便,也可能带来安全风险,因此建议仅在安全网络环境中使用,并定期更新SSH密钥以增强安全性。
CentOS 6.5中SSH密码登录配置教程
09-15
在CentOS 6.5中配置SSH密码登录涉及到几个关键步骤,主要包括环境设置、生成密钥对、导入公钥以及修改文件权限。 **环境设置** 1. **关闭SELinux**:SELinux是CentOS 6.5中的安全增强层,但为了实现SSH密码...
redhat操作命令笔记---系列3
Summer_YuXia的博客
11-07 687
####系统服务的控制#### 1.systemd 系统的初始化程序,系统开始额第一个进程,pid为1 2.systemctl 命令 systemctl list-units         #####列出当前系统服务的状态 systemctl list-unit-files    #####列出服务的开机状态 systemctl status sshd
SSH登陆无权限
萌兔兔MMQ!!
08-30 1610
在第一版启动hadoop没有权限后,我开始了第二次尝试。这次我为区分各台虚拟机将用户名又初版的 wxy 改成了各自的主机名,结果在装ssh时出现了这个错误。注意 “ssh ‘slave2@slave2’” ,他会提示如何用ssh连接slave2,如果你直接 ssh slave2 还是会报错。加粗的部分为slave2的用户名和主机名,应该为 slave2@slave2 ,再运行命令即可。如果问题解决了,如果你在装Hadoop,那么快跑!网上有不同用户名的登录教程,但是我看不懂,所以我选择直接重装…...
ssh服务建立密通道
weixin_50999155的博客
07-01 574
一、信任关系 单向信任关系:A机器可以通过密钥认证以后,可以密登陆B机器 多向信任关系:A与B两台机器通过密钥认证以后,可以实现双向密互通登陆 二、使用步骤 单向信任关系 1.创建密钥 ssh-keygen # 创建密钥对 2.读入数据 data = pd.read_csv( 'https://labfile.oss.aliyuncs.com/courses/1283/adult.data.csv') print(data.head()) 该处使用的url网络请求的数据。 总
如何在Ubuntu 20.04上设置SSH密钥
08-16 5847
介绍 (Introduction) SSH, or secure shell, is an encrypted protocol used to administer and communicate with servers. When working with an Ubuntu server, chances are you will spend most of your time in a...
ubuntu配置SSH密码登陆,提示Permission denied (publickey).
热门推荐
学在途中
11-20 2万+
在使用EC2的ubuntu实例创建Hadoop集群时,配置ssh密钥出现问题: ubuntu@ip-172-31-30-202:~$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/ubuntu/.ssh/id_rsa):  Enter
使用RSA Key代替密码进行ssh远程登录
hawkdowen的专栏
08-16 1万+
使用RSAKey替代密码进行ssh远程登录
普通用户SSH无密码互信建立 出现的问题以及解决办法
JLongSL的博客
10-04 1万+
配置前提醒:.ssh目录不需要手动创建!命令会自动完成这一切。 当你看见这篇文章时,假设你已经安装好了ssh相关服务。作为普通用户,用sudo权限去修改配置文件/etc/ssh/sshd_config$ sudo vim /etc/ssh/sshd_config ... RSAAuthentication yes # 启用 RSA 认证 PubkeyAuthentication yes #
linux秘钥登录脚本
最新发布
09-02
Linux秘钥登录脚本是一种方便、安全且高效的登录方式。该脚本的原理是通过将用户的公钥添加到远程主机的授权文件中,从而实现密码登录。下面是一个简单的实现步骤: 1. 生成SSH秘钥对:使用ssh-keygen命令生成...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值