一、环境
三台机器做ssh免密登录
用户 | IP |
test | 192.168.10.10 |
test | 192.168.10.20 |
test | 192.168.10.30 |
二、操作
2.1、生成秘钥
登录192.168.10.10,通过ssh-keygen生成秘钥,一路回车即可,生成秘钥会在/home/test/.ssh目录中,具体如下:
[@test_192_168_10_10 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/test/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/test/.ssh/id_rsa.
Your public key has been saved in /home/test/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Ay5uY6M3FAYZnv+rCfPoN+iRGPT6lHIkKRfaR2dV2Ac test@test_192_168_10_10
The key's randomart image is:
+---[RSA 2048]----+
| .o .+E. |
| .o. .. . . |
| .+.. + . |
|.oo+o+ . |
|+oo++.. S |
|.+++oo . |
|.o=** . |
| *X=+ . |
| o=+++. |
+----[SHA256]-----+
[@test_192_168_10_10 ~]$
其他两台机器同样操作
2.2、拷贝公钥
将192.168.10.20和192.168.10.30这两台机器生成的公钥拷贝到192.168.10.10,所以需要分别登录192.168.10.20和192.168.10.30,执行如下:
[@test_192.168.10.20 ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub test@192.168.10.10
[@test_192.168.10.30 ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub test@192.168.10.10
在192.168.10.10机器上面会自动生成该文件: /home/mediaai/.ssh/authorized_keys,文件内容就是192.168.10.20 192.168.10.30的公钥.
将192.168.10.10的公钥加入到authorized_keys文件中,执行下面命令:
[@test_192_168_10_10 ~]$ cd ~/.ssh
[@test_192_168_10_10 ~/.ssh]$ cat id_rsa.pub >> authorized_keys
2.3、将authorized_keys分别拷贝到 192.168.10.20 192.168.10.30的.ssh目录中:
[@test_192_168_10_10 ~/.ssh]$ scp authorized_keys 192.168.10.20:/home/test/.ssh
[@test_192_168_10_10 ~/.ssh]$ scp authorized_keys 192.168.10.30:/home/test/.ssh
三、验证
至此如果没有问题,应该可以完成免密登录