环境准备两台Linux服务器:
准备一台SSH服务端(系统环境centos6.5,ip地址192.168.100.100)
准备一台SSH客户端(系统环境centos6.5,ip地址192.168.100.101)
1.检查是否安装SSH软件包
[root@nfsserver ~]# rpm -qa openssh-server openssl
openssh-server-5.3p1-94.el6.x86_64
openssl-1.0.1e-15.el6.x86_64
2.启动SSH服务
[root@nfsserver ~]# /etc/init.d/sshd start
3.创建密钥对
[root@nfsserver ~]# ssh-keygen 一路回车
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
94:89:72:48:48:bb:89:cc:00:af:c0:69:e4:e8:13:5f root@nfsserver
The key's randomart p_w_picpath is:
+--[ RSA 2048]----+
|.o... |
|*.oo . . o |
|+*o oEo + |
|Booo.o . |
|o=o. S |
| . |
| |
| |
| |
+-----------------+
4.拷贝公钥至客户端
[root@Server ~]# ssh-copy-id -i .ssh/id_dsa.pub [email protected]
The authenticity of host '192.168.100.101 (192.168.100.101)' can't be established.
RSA key fingerprint is 5d:1b:b2:67:84:23:83:f9:59:3b:bd:91:b5:8f:c2:a9.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.100.101' (RSA) to the list of known hosts.
[email protected]'s password:
Now try logging into the machine, with "ssh '[email protected]'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
5.测试登录,无需密码直接登录客户端
[root@Server ~]# ssh [email protected]
6.ssh-copy-id非22端口的使用方法
[root@Server ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub '-p 端口号 [email protected]'