兩臺linux服務器之間建立ssh信任關係

 前景:
昨天在家配置rsync同步用到命令：

#rsync -avz --progress -e "ssh -p22" [email protected]:/data/www/wwwroot/ /data/www/wwwroot/

複製代碼

提示我輸入192.168.22.149這臺機器的密碼
可是這在實際環境中運用是不可取的，要讓B與A時建立ssh信任，登陸不要輸入密碼

過程：
軟硬件環境： 兩臺linux服務器A和B 都編譯安裝上最新版的openSSH(建議)

openSSH的默認設置是允許root可以直接login. (PermitRootLogin yes),暫且保留這種設置，我們先考慮如何用SSH直接從A到B不需要密碼，假設用用戶root登錄到A，想SSH到B也作爲root不需要密碼。

1。 分別從A和B上登錄作爲root後運行
#ssh-keygen
目的是簡單地在/root下創建目錄.ssh,當提示輸入 passphase時打入兩次回車。這將生成下面這兩個文件：

/root/.ssh/id_rsa
/root/.ssh/id_rsa.pub

複製代碼

2。 先測試一下，從A登錄作爲root，輸入
#ssh B
會要求提示

[email protected]'s password:  

複製代碼

3。 現在從A登錄作爲root，運行
#scp /root/.ssh/id_rsa.pub root@[B:ip]:/root/.ssh/authorized_keys
文件名必須不能弄錯。

4。現在再從A運行
#ssh B
//則不需要密碼了

實例：
A:
#ssh-keygen

Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):  [回車]
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): [回車]
Enter same passphrase again: [回車]
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
01:90:08:9e:7d:42:69:01:96:52:d7:ca:9f:53:43:df root@test-1

複製代碼

B：
#ssh-keygen

Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): [回車]
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): [回車]
Enter same passphrase again: [回車]
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
3c:40:6d:c7:24:d1:99:27:5f:ea:5e:a4:41:0d:5a:26 root@test-2

複製代碼

#scp /root/.ssh/id_rsa.pub [email protected]:/root/.ssh/authorized_keys

[email protected]'s password: [輸入密碼]

複製代碼

# ssh 192.168.22.149

Last login: Mon Mar  2 11:37:22 2009 from 192.168.22.156

複製代碼

信任關係建立成功……