两台虚拟机如何实现ssh免密登陆

一、使用两台虚拟机
A：192.168.100.149

B：192.168.100.150

二、密钥对

1. 生成密钥对

ssh-keygen -t rsa
一直enter就行

[root@master ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:oLBIaHxZ7UuXrnRc3K7ZNO7XxWNPq9enb/fgaxWDSO0 root@master
The key's randomart image is:
+---[RSA 3072]----+
|     ..     .    |
|o   o  .   . .   |
|.+.o  o   + + .  |
|o..o . + o + E o |
|. . . . S . .  .o|
|       o +   + o=|
|      . o   * +oB|
|       .   o +.=B|
|            .+B=*|
+----[SHA256]-----+

2. 查看密钥对

ll /root/.ssh

[root@master ~]# ll /root/.ssh
total 8
-rw-------. 1 root root 2602 Dec 13 11:10 id_rsa
-rw-r--r--. 1 root root  565 Dec 13 11:10 id_rsa.pub

3. 传输服务器A的公钥id_rsa.pub到服务器B

[root@master ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.100.150

[root@master ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.100.150
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.100.150 (192.168.100.150)' can't be established.
ECDSA key fingerprint is SHA256:G01xP6hzG486gMijtbR3iBolauExT7rlwyzPIDgbLWQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.100.150's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.100.150'"
and check to make sure that only the key(s) you wanted were added.

在B上做相同的操作
4. 生成密钥对

[root@slave ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:R8HC9fdGfe2D/6+dW87GpeJSyFLEdjd1S+odi0mtoBA root@slave
The key's randomart image is:
+---[RSA 3072]----+
|       E +o    oo|
|        + =o. * =|
|       . +.o.+.==|
|        ..o +.*++|
|        S+.. * ++|
|        ..o . ..o|
|         . .   +o|
|          . . .+*|
|           o...=O|
+----[SHA256]-----+

5. 查看密钥对

[root@slave ~]# ll /root/.ssh
total 12
-rw-------. 1 root root  565 Dec 13 11:14 authorized_keys
-rw-------. 1 root root 2590 Dec 13 11:17 id_rsa
-rw-r--r--. 1 root root  564 Dec 13 11:17 id_rsa.pub

6. 传输服务器B的公钥id_rsa.pub到服务器A

[root@slave ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.100.149
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.100.149 (192.168.100.149)' can't be established.
ECDSA key fingerprint is SHA256:G01xP6hzG486gMijtbR3iBolauExT7rlwyzPIDgbLWQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.100.149's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.100.149'"
and check to make sure that only the key(s) you wanted were added.

三、测试，在B上ssh 192.168.100.150，ifconfig查看，地址为A的192.168.100.149。

至此，实验成功啦~