ssh免秘钥认证-复制
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了ssh免秘钥认证-复制相关的知识,希望对你有一定的参考价值。
scp免秘钥认证
https://www.cnblogs.com/wayne173/p/5505863.html
https://blog.csdn.net/nfer_zhuang/article/details/42646849
##################交互式秘钥生成ssh-dsa#######################
1 创建用户及密码(在上图4台机器上面操作)
useradd oldgirl
echo 123456|passwd --stdin oldgirl
id oldgirl
su - oldgirl
2 在m01机器生成秘钥对,一路回车
[[email protected] ~]$ ssh-keygen -t dsa #一路回车就生成了秘钥
Your identification has been saved in /home/oldgirl/.ssh/id_dsa.
Your public key has been saved in /home/oldgirl/.ssh/id_dsa.pub.
[[email protected] ~]$ ll .ssh/
total 8
-rw------- 1 oldgirl oldgirl 668 Feb 7 14:30 id_dsa #钥匙,私钥
-rw-r--r-- 1 oldgirl oldgirl 601 Feb 7 14:30 id_dsa.pub #锁,公钥
3 m01分发公钥
如果ssh服务没有优化(端口没修改):执行如下命令分发公钥
[[email protected] ~]$ ssh-copy-id -i .ssh/id_dsa.pub [email protected]
[[email protected] ~]$ ssh-copy-id -i .ssh/id_dsa.pub [email protected]
如果ssh服务端口修改过:执行如下命令分发公钥
[[email protected] ~]$ ssh-copy-id -i .ssh/id_dsa.pub "-p 52113 [email protected]"
4 测试
验证方法:在管理机器m01上执行如下命令,如果现实IP地址正确即可。
ssh -p52113 [email protected] /sbin/ifconfig eth0
ssh -p52113 [email protected] /sbin/ifconfig eth0
ssh -p52113 [email protected] /sbin/ifconfig eth0
##################交互式秘钥生成ssh-rsa#######################
1 创建用户及密码(在上图4台机器上面操作)
useradd oldgirl
echo 123456|passwd --stdin oldgirl
id oldgirl
su - oldgirl
2 在m01机器生成秘钥对,一路回车
这里创建的是rsa
[[email protected] ~]# ssh-keygen -t rsa #一路回车即可
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
fe:df:23:98:5b:2e:96:ed:90:78:34:5e:3e:41:67:46 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
| E |
| . |
| . + |
| . + |
| S o o |
| . + = . |
| o ==+ |
| o*+oo. |
| .o=+... |
+-----------------+
[[email protected] ~]# ll .ssh/
total 8
-rw-------. 1 root root 1675 Jul 11 09:11 id_rsa #钥匙,私钥
-rw-r--r--. 1 root root 403 Jul 11 09:11 id_rsa.pub #锁,公钥
[[email protected] ~]#
3 m01分发公钥
如果ssh服务没有优化(端口没修改):执行如下命令分发公钥
[[email protected] ~]$ ssh-copy-id -i .ssh/id_dsa.pub [email protected]
[[email protected] ~]$ ssh-copy-id -i .ssh/id_dsa.pub [email protected]
如果ssh服务端口修改过:执行如下命令分发公钥
[[email protected] ~]$ ssh-copy-id -i .ssh/id_dsa.pub "-p 52113 [email protected]"
实战:
[[email protected] ~]# ssh-copy-id -i .ssh/id_rsa.pub [email protected]
[email protected]'s password:
Now try logging into the machine, with "ssh '[email protected]'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[[email protected] ~]#
然后到目标机器查看: 如下已经ok了。authorized_keys
[[email protected] ~]# ll .ssh/
total 4
-rw-------. 1 root root 403 Jul 11 09:14 authorized_keys
[[email protected] ~]#
4 测试
验证方法:在管理机器m01上执行如下命令,如果现实IP地址正确即可。
ssh -p52113 [email protected] /sbin/ifconfig eth0
ssh -p52113 [email protected] /sbin/ifconfig eth0
ssh -p52113 [email protected] /sbin/ifconfig eth0
实战测试:ok
[[email protected] target]# scp jdwin-upms-rpc-service-assembly.tar.gz [email protected]:/data/backup/
jdwin-upms-rpc-service-assembly.tar.gz 100% 78MB 78.4MB/s 00:01
[[email protected] target]#
以上是关于ssh免秘钥认证-复制的主要内容,如果未能解决你的问题,请参考以下文章