SSH免密钥登陆

local ipaddress：10.47.39.7；remote ipaddress：10.47.39.8

1、生成公钥和私钥

[root@local ~]# ssh-keygen -t rsa   #一路回车
[root@local ~]# ssh-keygen -t rsa -P "" -N '' -f ~/.ssh/id_rsa -q -b 2048   #一键生成公钥和私钥
-N ''  是指密码为空；
-f ~/.ssh/id_rsa  是指保存文件为~/.ssh/id_rsa和~/.ssh/id_rsa.pub；
-q  是指静默模式，和unzip的-q参数一样的；
-b  是指位数，可以指定1024这类的，默认是2048；

2、生成完后在.ssh目录里会看全id_isa和id_rsa.pub两个文件

[root@local ~]# cd .ssh/
[root@local .ssh]# ls
id_rsa id_rsa.pub known_hosts

3、复制id_rsa.pub文件到需要登陆的远程主机的.ssh目录

[root@local ~]# scp /root/.ssh/id_rsa.pub root@10.47.39.8:/root/.ssh/
[root@local ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub -o StrictHostKeyChecking=no root@[ip]   #使用此命令不需要重命名id_dsa.pub文件为authorized_keys
[root@local ~]# yum -y install sshpass
[root@local ~]# sshpass -p[password] ssh-copy-id -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no root@[ip]  #使用sshpass命令批量推送，不需要交互式输入服务器密码

注：如复制时提示以下错误请先在远程主机上ssh连接到其它主机
[root@local .ssh]# scp id_rsa.pub root@10.47.39.8:/root/.ssh/
The authenticity of host '10.47.39.8 (10.47.39.8)' can't be established.
RSA key fingerprint is 15:89:eb:56:74:61:01:aa:f3:94:d5:16:f6:f4:22:f1.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.47.39.8' (RSA) to the list of known hosts.
root@10.47.39.8's password: scp: /root/.ssh/: Is a directory

4、在远程主机上把id_rsa.pub文件重命名为authorized_keys

 [root@remote .ssh]# mv id_rsa.pub authorized_keys

[root@remote .ssh]# ls
authorized_keys known_hosts

5、测试

[root@local ~]# ssh 10.47.39.8
Last login: Mon Dec 25 17:00:45 2017 from 10.47.39.7
[root@remote ~]#

 6、Xshell使用密钥登陆远程主机

 参考链接：
       http://www.mls-software.com/opensshd.html#botpage     #openssh for windows下载
       https://cygwin.com/install.html                                          #cygwin下载