创建一个用户jack ,并设置密码为1
[root@localhost ~]# useradd jack
[root@localhost ~]# echo "1" |passwd --stdin jack
Changing password for user jack.
passwd: all authentication tokens updated successfully.
切换至普通用户,创建公钥
[root@localhost ~]# su - jack
[jack@localhost ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jack/.ssh/id_rsa):
Created directory '/home/jack/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/jack/.ssh/id_rsa.
Your public key has been saved in /home/jack/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:KBuurKyJuFlIj4jwpRqN415P+ST0VE03nGjLXu4C5eI jack@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
| .oo. |
| oo.o. |
| .o.. |
| .. + . |
|.. +...S + o |
|==o+.++ o o . |
|B.=oo+ o. o . |
|=O..o + E . . |
|%*o . . . |
+----[SHA256]-----+
[jack@localhost ~]$ ls .ssh/
id_rsa id_rsa.pub
发送公钥给对端主机
[jack@localhost ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.169.50
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/jack/.ssh/id_rsa.pub"
The authenticity of host '192.168.169.50 (192.168.169.50)' can't be established.
ECDSA key fingerprint is SHA256:Nc1FlGR5OEIdgbqQ99MSkfXPk9norxi29aXjJx/4yf4.
ECDSA key fingerprint is MD5:c7:04:92:2b:74:e8:45:26:1b:40:39:0b:e3:b5:45:95.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.169.50's password:
Number of key(s) added: 1
登录测试
[jack@localhost ~]$ ssh root@192.168.169.50
Last login: Sat Sep 15 00:45:16 2018 from 192.168.169.10
ssh 批量登录 (积累不推荐)
操作的主机IP:192.168.169.10
批量登录之前先做ssh 发送公钥到对端主机
[root@localhost ~]# vim ~/.ssh/config
Host b-server
HostName 192.168.169.50
port 22
User root
IdentityFile ~/.ssh/id_rsa
Host test
HostName 192.168.169.30
port 22
User root
IdentityFile ~/.ssh/id_rsa
登录测试
[root@localhost ~]# ssh test
ssh: connect to host 192.168.169.30 port 22: No route to host
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:9e:aa:92 brd ff:ff:ff:ff:ff:ff
inet 192.168.169.50/24 brd 192.168.169.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe9e:aa92/64 scope link
valid_lft forever preferred_lft forever