- 首先在源主机上执行命令:ssh-keygen,操作如下:
[root@localhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/id_rsa
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:g4SX0Fpx9AFEmDJ54fDNVjvconuqFdy7vZJ49C+hUUs root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
| oooO*.o |
| +**= + + |
| .** + * . |
| .o + o oE |
| . S .o . |
| +o.o |
| ooo= . |
| ..o=oo |
| ......o+. |
+----[SHA256]-----+
[root@localhost ~]#
执行完成会在源主机上的/root/.ssh目录下生成两个文件,一个私钥一个公钥文件
[root@localhost ~]# ll /root/.ssh/
total 8
-rw-------. 1 root root 1675 Dec 1 16:35 id_rsa
-rw-r--r--. 1 root root 408 Dec 1 16:35 id_rsa.pub
[root@localhost ~]#
- 拷贝公钥文件中的内容到目标主机的authorized_keys 文件中
注如果目标主机上没有.ssh文件件,可以登录到主机上执行ssh localhost
[root@localhost ~]# cat /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDjXS/yB296ywB6oTnsatiRpjRaIxhUoYqOeG/TGX6l+TOHXqfEnEM2E3j/aBCuMO9ZKFlOjMFqfzfRCIqPWAz6csaipKTIwKhkVYGqjto8tjw+xaTBbXqLFLDMsq/JRDkF/SlPY6fxOc/YWKNQu/rlTIeeLF7tg9/5p0E/Sx0N92xb4Vb5H0KULSfxWXFFybENp56LUWdymsaLQqqXjYtB4yi0CYdEsmKygP37n+0//2hMNB+GsraWQdLLYAcReJheSB9lx+c1/CL3vglAiQ4Enjw48mv+pyrc2g/2OJIVIl7ELsWRHgFtY0vSN7vmQmWMT5Xp+F7u5JKZ6RHdTcBx root@localhost.localdomain
[root@localhost ~]#
单向免密完成
双向的时候就就把原来的目标主机换成源主机,源主机换成目标主机即可。