1,生產密鑰
[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:f1RcvMGEeKh55zJOcgkihAUa+4w7Bp/A6XpZDy4YtbQ [email protected]
The key's randomart image is:
+---[RSA 2048]----+
| . .+. o +o.|
| +. . o + +.|
| o . o . o o|
|. B . . + . o . |
|o* = . S o = |
|+oE.o o B . |
| Bo+ o * + |
|+ = . . o |
|.. . |
+----[SHA256]-----+
[root@localhost ~]#
查看生成的密鑰
[root@localhost ~]# cd /root/.ssh/
[root@localhost .ssh]# ls -a
. .. id_rsa id_rsa.pub
[root@localhost .ssh]# ll -a
total 8
drwx------. 2 root root 38 五月 15 23:37 .
dr-xr-x---. 4 root root 159 五月 15 23:37 ..
-rw-------. 1 root root 1679 五月 15 23:37 id_rsa
-rw-r--r--. 1 root root 408 五月 15 23:37 id_rsa.pub
[root@localhost .ssh]#
把自己的公鑰配置給自己:
[root@localhost .ssh]# cp id_rsa.pub authorized_keys
[root@localhost .ssh]# ll
total 12
-rw-r--r--. 1 root root 408 五月 15 23:42 authorized_keys
-rw-------. 1 root root 1679 五月 15 23:37 id_rsa
-rw-r--r--. 1 root root 408 五月 15 23:37 id_rsa.pub
[root@localhost .ssh]#
查看並驗證:
[root@localhost .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/7s/5n3njJgDF2r4YUlHHKg6sU7rHA8SotgJ8g9QUihbEseSi4ovVdKfWRUos8z4moMzpX6gGbdnB2pHfC7RYIkhYRhDx8N5sapBPKB4onsvNwfTIP/EjyXUjn48YLDfK/V2F6wkDAzooKOcvQlcPSvXFulVkTDfbaGBNwogoJVrm4Cpr0uI6+37y4jR0WuegPFfKDORXJyikycWy7Lw/2MtB4Tad3B96CLCtD2MLBGTqbu0iBLdWwrmHkfNmtOa20f1gU2uM2Qm7vlTV7BEsGIjSWb4Xm6f7KRYeSYlLEthOowQvHN+BFoOan/KV+ZBBEfeLshEVH1800PH079rn [email protected]
[root@localhost .ssh]# ssh [email protected]
The authenticity of host '10.0.2.15 (10.0.2.15)' can't be established.
ECDSA key fingerprint is SHA256:QuS4L6THeADM3j6yomwT6Luei5Rr1eqGLYrzNSGMAt8.
ECDSA key fingerprint is MD5:ec:a6:17:60:96:56:80:8d:d8:e9:21:92:a2:dd:4a:7b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.2.15' (ECDSA) to the list of known hosts.
Last login: Wed May 15 21:45:42 2019 from 192.168.56.1
[root@localhost ~]#
第一次需要 確認 以後就不需要確認了
然後設置第二臺機器 並 驗證 步驟 和第一臺一致
接下來就是把兩臺機器的公鑰互相交換複製到對方的authorized_keys文件中
[root@localhost ~]# cd /root/.ssh
[root@localhost .ssh]# scp -p ./id_rsa.pub [email protected]:/root/.ssh/[email protected]'s password:
id_rsa.pub 100% 408 754.2KB/s 00:00
[root@localhost .ssh]#
[root@localhost ~]# cd /root/.ssh
[root@localhost .ssh]# scp -p ./id_rsa.pub [email protected]:/root/.ssh/authorized_keys
\[email protected]'s password:
id_rsa.pub 100% 408 612.4KB/s 00:00
[root@localhost .ssh]#
驗證:
[root@localhost .ssh]# ssh [email protected]
Last login: Wed May 15 23:44:20 2019 from 10.0.2.15
[root@localhost ~]# exit
登出
Connection to 10.0.2.15 closed.
[root@localhost .ssh]#
[root@localhost .ssh]# ssh [email protected]
Last login: Thu May 16 00:20:27 2019 from 10.0.2.4
[root@localhost ~]# exit
logout
Connection to 10.0.2.4 closed.
[root@localhost .ssh]#
完畢