记一次CentOS 7服务器ssh免密登陆

操作环境：CentOS 7

[root@localhost ~]# cat /etc/redhat-release 
CentOS Linux release 7.7.1908 (Core)

实验测试机器

server:192.168.128.139     //被访问者
client1:192.168.128.140    //访问者

一、客户端生成公钥和私钥

[root@client1 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):     //回车，id_rsa，生成的私钥，密码为空
Enter passphrase (empty for no passphrase):  		     	 //回车
Enter same passphrase again:   					 		     //回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.     //回车，id_rsa.pub，生成的公钥，密码为空
The key fingerprint is:   									 //回车
SHA256:+VkgxK5WSW2O054q7Zdbp17s6dgFjj0S5wUF4j7KU8c root@client1
The key's randomart image is:
+---[RSA 2048]----+
|       ...  . ...|
|       .o o. . . |
|       o.*. . .  |
|        *ooo . . |
|       oSo .* E .|
|      o  oo= @ o |
|     . . .*.+ O .|
|      . o oo O + |
|       o...o+.=  |
+----[SHA256]-----+

二、把客户端生成的公钥上传到服务器

[root@client1 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.128.139  //把公钥上传给需要被访问的服务器
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.128.139's password:     //被访问的服务器用户密码
Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.128.139'"
and check to make sure that only the key(s) you wanted were added.

三、测试

[root@client1 ~]# ssh root@192.168.128.139    //ssh以root用户身份访问192.168.128.139服务器时，不需要密码
[root@server ~]# hostname    
server