centos 实现免密钥登陆

Posted 2020-12-03

1. 机器列表

    A：192.168.4.4

    B：192.168.4.5

    实现A免密钥登陆B

2.  A生成密钥对

[[email protected] ~]# ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:xfLhSq92OwFP30kH+K6QAQo1V38dTmjHdULaV66Zq8s [email protected]

The key's randomart image is:

+---[RSA 2048]----+

|     .o ...  o=o=|

|    .  o.. ..=+*+|

|     . ...+ +.+o+|

|      . .=o. .o=.|

|        S+o+ ++o |

|       . o= . +. |

|        . .o ..  |

|        ..o...   |

|       ....oE.   |

+----[SHA256]-----+

[[email protected] ~]# cd .ssh/

[[email protected] .ssh]# ls

id_rsa  id_rsa.pub

id_rsa : 生成的私钥文件 

id_rsa.pub ： 生成的公钥文件 

know_hosts : 已知的主机公钥清单 

如果希望ssh公钥生效需满足至少下面两个条件： 

1) .ssh目录的权限必须是700 

2) .ssh/authorized_keys文件权限必须是600

3. 将生成的公钥scp到想要登陆的服务器 B，B服务器必须有 .ssh目录，如果没有就创建并授予700权限

[[email protected] .ssh]# scp -p ~/.ssh/id_rsa.pub [email protected]:/root/.ssh/authorized_keys

[email protected]'s password:

id_rsa.pub

4. 验证

[[email protected] ~]# ssh 192.168.4.5

Last login: Thu Apr 19 10:32:54 2018 from 192.168.4.2