centos7免密登录

OpenSSH免密登录设置
目的：一台centos服务器 可以免密登录其余2台服务器
备材料：三台centos虚拟机
同网 同网段 同型号系统

IP地址为 ：

192.168.217.12
192.168.217.11
192.168.217.13

生成公私钥服务器为192.168.217.12

[root@localhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/id_rsa
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:jDYIWF6C8iNZg+goCO9PtY8vDtK8nu+CaJJmUHSCrnQ root@localhost
The key's randomart image is:
+---[RSA 2048]----+
|.+o .            |
|B+=o.            |
|O*o+             |
|*+=E ..o         |
|++....+.S        |
|o .o....         |
|.o.++  o         |
|++..o+o .        |
|=  .+=+o.        |
+----[SHA256]-----+

查看密钥文件（id_rsa id_rsa.pub）

[root@localhost ~]# ls .ssh
authorized_keys  id_rsa  id_rsa.pub

将秘钥文件 id_rsa.pub 发送到 192.168.217.11、 192.168.217.13服务器

[root@localhost ~]# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.217.11
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub"
The authenticity of host '192.168.217.11 (192.168.217.11)' can't be established.
ECDSA key fingerprint is SHA256:Qj4J9VmgCVZSQSJBFJ5/7QkK2frMx8i7zbfFVT8OR0Y.
ECDSA key fingerprint is MD5:4a:ad:7e:14:5e:cc:48:a8:8c:8a:1a:53:5d:9a:8b:e3.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

root@192.168.217.11's password: 
Permission denied, please try again.
root@192.168.217.11's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.217.11'"
and check to make sure that only the key(s) you wanted were added.

192.168.217.11服务器查看 秘钥文件

 [root@ftp-server ~]# ls .ssh
authorized_keys

192.168.217.13 操作同上

192.168.217.12服务器登录 11、13IP

[root@localhost ~]# ssh 192.168.217.11
Last login: Tue Mar  8 18:18:09 2022 from 192.168.217.50

12服务器查看登录服务器ip

[root@ftp-server ~]# ip addr
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:84:17:a8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.217.11/24 brd 192.168.217.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::cca1:73f7:a8e4:c2f9/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::d4f5:dc44:ab9a:4241/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever