系统CentOS6.5
ssh-keygen是openssh的一个功能,如果不能执行该命令,需要查看是否已经安装openssh
目的:实现10.1.1.1到10.1.1.2(相反)单向无密码认证
在10.1.1.1上生成秘钥
[root@localhost~]# ssh-keygen -t rsa -C"10.1.1.1"
Generatingpublic/private rsa key pair.
Enter file in whichto save the key (/root/.ssh/id_rsa):
Created directory'/root/.ssh'.
Enter passphrase(empty for no passphrase):
Enter samepassphrase again:
Your identificationhas been saved in /root/.ssh/id_rsa.
Your public key hasbeen saved in /root/.ssh/id_rsa.pub.
The key fingerprintis:
34:d0:4d:25:42:8d:70:79:02:34:32:91:60:3e:d5:5aroot@localhost.localdomain
The key's randomartimage is:
+--[ RSA 2048]----+
| o.==*=+*o.. |
| o ..oE+=.+. |
| o o oo |
| .. .. |
| S |
| |
| |
| |
| |
+-----------------+
生成一个公钥id_rsa.pub和一个私钥id_rsa
#cd /root/.ssh
[root@localhost.ssh]# ll
总用量 8
-rw------- 1 root root 1675 9月 6 17:38 id_rsa
-rw-r--r-- 1 root root 408 9月 6 17:38 id_rsa.pub
将10.1.1.1生成的id_rsa.pub拷贝到10.1.1.2上
# scp/root/.ssh/id_rsa.pub root@10.1.1.2:/
在10.1.1.2上建立root/.ssh文件夹,并创建authorized_keys文件
#mkdir root/.ssh
#cd root/.ssh/
#cp /id_rsa.pubauthorized_keys
#chmod 400authorized_keys
#rm /id_rsa.pub
现在10.1.1.1 ssh10.1.1.2 将不需要密码