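The reason I suddenly thought of configuring SSH equivalence today is that the project has a tiny requirement: sync the TDI script files between the two sides every day,

but the root password must not be written in plaintext. It occurred to me today that I could configure SSH equivalence, use scp, write it as a shell script, and put it in crontab.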

The configuration details of the test environment follow.


Host rhel4-sec
[root@rhel4-sec ~]# pwd
/root
[root@rhel4-sec ~]# mkdir .ssh
[root@rhel4-sec ~]# chmod 700 .ssh/
[root@rhel4-sec ~]# cd .ssh/
[root@rhel4-sec .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
de:15:ee:84:2c:dd:60:9c:39:cd:41:a2:e9:b4:e6:2a root@rhel4-sec
[root@rhel4-sec .ssh]# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
6b:cb:c8:34:56:9e:0b:e5:06:4d:4b:c1:dc:b8:64:36 root@rhel4-sec
[root@rhel4-sec .ssh]# cat *.pub > authorized_keys
[root@rhel4-sec .ssh]# scp authorized_keys   rhel5-2:/root/

Host rhel5-2
[root@rhel5-2 ~]# pwd
/root
[root@rhel5-2 ~]# mkdir .ssh
[root@rhel5-2 ~]# chmod 700 .ssh/
[root@rhel5-2 ~]# cd .ssh/
[root@rhel5-2 .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
c1:08:5e:0d:43:ad:e1:87:58:5e:0d:14:26:c5:4b:b7 root@rhel5-2
[root@rhel5-2 .ssh]# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
2f:de:ed:6f:48:b5:72:7e:93:91:c7:b3:2e:14:5a:e3 root@rhel5-2

[root@rhel5-2 .ssh]# cp /root/authorized_keys  /root/.ssh/
[root@rhel5-2 .ssh]# cat *.pub >> authorized_keys
[root@rhel5-2 .ssh]# scp authorized_keys rhel4-sec:/root/.ssh/

Result after success
From rhel5-2, ssh directly to rhel4-sec without entering a password
[root@rhel5-2 ~]# ssh rhel4-sec
Last login: Thu Sep 16 12:55:52 2010 from rhel5-2
[root@rhel4-sec ~]# id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),500(idsldap),512(ivmgr),513(tivoli)

From rhel4-sec, ssh directly to rhel5-2, likewise without entering a password
[root@rhel4-sec .ssh]# ssh rhel5-2
Last login: Thu Sep 16 13:02:14 2010 from 10.1.1.1
[root@rhel5-2 ~]# id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
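
Added example, not part of the original post: since these keys give cron a prompt-free root login, this sketch audits an authorized_keys file for entries without options and rewrites them with a from= restriction and pty/forwarding disabled, which still permits scp. The function names, option set and key strings are assumptions (the keys are constructed); 10.1.1.1 is the source address shown in the rhel5-2 login banner above.

```shell
#!/bin/sh
# Added example: restrict the authorized_keys entries built in the walkthrough.
# Option set and function names are assumptions, not taken from the post.

OPTS='no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding'

# Print one public-key line prefixed with a from= restriction.
# $1 = from= pattern list (peer host/address), $2 = line from id_*.pub
restrict_key() {
    printf 'from="%s",%s %s\n' "$1" "$OPTS" "$2"
}

# Count entries that start directly with a key type, i.e. carry no options.
count_unrestricted() {
    awk '/^(ssh-|ecdsa-)[^ ]+ /{n++} END{print n+0}' "$1"
}

# Emit a copy of the file with every option-less entry restricted.
# $1 = authorized_keys file, $2 = from= pattern list
restrict_file() {
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ssh-*\ *|ecdsa-*\ *) restrict_key "$2" "$line" ;;
            *) printf '%s\n' "$line" ;;   # comments, already-restricted lines
        esac
    done < "$1"
}

demo() {
    f=$(mktemp)
    # Constructed sample: fake, shortened key material in the post's layout.
    cat > "$f" <<'EOF'
ssh-rsa AAAAB3NzaC1yc2EAAAA-constructed root@rhel4-sec
ssh-dss AAAAB3NzaC1kc3MAAAA-constructed root@rhel4-sec
EOF
    echo "unrestricted before: $(count_unrestricted "$f")"
    # On rhel5-2, pin rhel4-sec's keys to its name and observed address.
    restrict_file "$f" 'rhel4-sec,10.1.1.1' > "$f.new"
    echo "unrestricted after:  $(count_unrestricted "$f.new")"
    cat "$f.new"
    rm -f "$f" "$f.new"
}

demo
```

With no-pty in place the interactive logins shown above no longer get a terminal; the scp job run from crontab is unaffected.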