centos ssh 免密設置

 

1，生產密鑰

[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:f1RcvMGEeKh55zJOcgkihAUa+4w7Bp/A6XpZDy4YtbQ [email protected]
The key's randomart image is:
+---[RSA 2048]----+
| . .+.      o +o.|
|  +. .     o + +.|
| o  .     o . o o|
|. B  . . + . o . |
|o* =  . S o =    |
|+oE.o    o B .   |
| Bo+ o    * +    |
|+ = . .    o     |
|.. .             |
+----[SHA256]-----+
[root@localhost ~]# 

查看生成的密鑰

[root@localhost ~]# cd /root/.ssh/
[root@localhost .ssh]# ls -a
.  ..  id_rsa  id_rsa.pub
[root@localhost .ssh]# ll -a
total 8
drwx------. 2 root root   38 五月 15 23:37 .
dr-xr-x---. 4 root root  159 五月 15 23:37 ..
-rw-------. 1 root root 1679 五月 15 23:37 id_rsa
-rw-r--r--. 1 root root  408 五月 15 23:37 id_rsa.pub
[root@localhost .ssh]# 

把自己的公鑰配置給自己：

[root@localhost .ssh]# cp id_rsa.pub authorized_keys
[root@localhost .ssh]# ll
total 12
-rw-r--r--. 1 root root  408 五月 15 23:42 authorized_keys
-rw-------. 1 root root 1679 五月 15 23:37 id_rsa
-rw-r--r--. 1 root root  408 五月 15 23:37 id_rsa.pub
[root@localhost .ssh]# 

查看並驗證：

[root@localhost .ssh]# cat authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/7s/5n3njJgDF2r4YUlHHKg6sU7rHA8SotgJ8g9QUihbEseSi4ovVdKfWRUos8z4moMzpX6gGbdnB2pHfC7RYIkhYRhDx8N5sapBPKB4onsvNwfTIP/EjyXUjn48YLDfK/V2F6wkDAzooKOcvQlcPSvXFulVkTDfbaGBNwogoJVrm4Cpr0uI6+37y4jR0WuegPFfKDORXJyikycWy7Lw/2MtB4Tad3B96CLCtD2MLBGTqbu0iBLdWwrmHkfNmtOa20f1gU2uM2Qm7vlTV7BEsGIjSWb4Xm6f7KRYeSYlLEthOowQvHN+BFoOan/KV+ZBBEfeLshEVH1800PH079rn [email protected]
[root@localhost .ssh]# ssh [email protected]
The authenticity of host '10.0.2.15 (10.0.2.15)' can't be established.
ECDSA key fingerprint is SHA256:QuS4L6THeADM3j6yomwT6Luei5Rr1eqGLYrzNSGMAt8.
ECDSA key fingerprint is MD5:ec:a6:17:60:96:56:80:8d:d8:e9:21:92:a2:dd:4a:7b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.2.15' (ECDSA) to the list of known hosts.
Last login: Wed May 15 21:45:42 2019 from 192.168.56.1
[root@localhost ~]# 

第一次需要 確認 以後就不需要確認了

然後設置第二臺機器 並 驗證  步驟 和第一臺一致

接下來就是把兩臺機器的公鑰互相交換複製到對方的authorized_keys文件中

[root@localhost ~]# cd /root/.ssh
[root@localhost .ssh]# scp -p ./id_rsa.pub [email protected]:/root/.ssh/[email protected]'s password: 
id_rsa.pub                                       100%  408   754.2KB/s   00:00    
[root@localhost .ssh]# 


[root@localhost ~]# cd /root/.ssh
[root@localhost .ssh]# scp -p ./id_rsa.pub [email protected]:/root/.ssh/authorized_keys
\[email protected]'s password: 
id_rsa.pub                                       100%  408   612.4KB/s   00:00    
[root@localhost .ssh]# 

驗證：

[root@localhost .ssh]# ssh [email protected]
Last login: Wed May 15 23:44:20 2019 from 10.0.2.15
[root@localhost ~]# exit
登出
Connection to 10.0.2.15 closed.
[root@localhost .ssh]# 


[root@localhost .ssh]# ssh [email protected]
Last login: Thu May 16 00:20:27 2019 from 10.0.2.4
[root@localhost ~]# exit
logout
Connection to 10.0.2.4 closed.
[root@localhost .ssh]# 

完畢