登錄到Linux機器,執行命令,xxx替換成你自己的郵箱
smart@linx:~$ ssh-keygen -t rsa -C '**xxx**'
在需要輸入的地方按enter回車鍵即可,執行完成後輸出信息類似:
Generating public/private rsa key pair. Enter file in which to save
the key (/home/smart/.ssh/id_rsa): (按回車鍵)
Enter passphrase (empty for no passphrase): (按回車鍵)
Enter same passphrase again: (按回車鍵)
Your identification has been saved in /home/smart/.ssh/id_rsa. Your public key has been saved in
/home/smart/.ssh/id_rsa.pub. The key fingerprint is:
SHA256:20R1pQ2xDe9c8x60DoFIQRlMi2S0HWf8SHoHPvYLl1w xxx The key’s randomart image is:
±–[RSA 2048]----+ | .++B=o. =o.| | o =o*=… O | | o +=.+.oo=| | o * ooE=| | S + =.oo+| | + . =o…| | . . o …| | . | | |
±—[SHA256]-----+
根據提示信息找到ssh目錄,會看到私鑰id_rsa和公鑰id_rsa.pub這兩個文件。我這是/home/smart/.ssh目錄。
打開id_rsa.pub,會有類似如下的內容:
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQDUQEAPtWT/F79gJptiABsK5RVvJzINRoGe+m0ChMT0dI16KWKJq4UrCL348CTNe4q93zOMxdqq616z0kPgoXVOAjGw9Eu/iKzjVHHj2Ty77QLdfQqNWWnWwNz+TznWmXw7YyYC6LdovlrU4THS02g0vhJ5RMiTq20yAMML/9iWk7LhvJexZ1qKvFEF2R/oteftoTJ7wQpQzuW3v/CXIBlcOb+Qa/6vU+9d1fRykTOOaD2kApQka4OTqT7oRjqv+kFNa316/bwdOUwdIISdB4eqqMsnkA4dx3Z+TuccYI0ocb8mTxeelf6jkc1EometpzkwsxAEJDSmR0cZuCmjJc97
xxx
假如現在有兩臺機器node1(192.168.100.55)和node2(192.168.100.57),現在想實現從node1免密登錄node2,實現方法如下:
1.先按照上面的步驟,在node1生成密鑰。
2.再執行如下命令將node1的公鑰認證authorized_keys複製到node2的.ssh目錄下
[root@node-build .ssh]# ssh-copy-id 192.168.100.57
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.100.57's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.100.57'"
and check to make sure that only the key(s) you wanted were added.
3.重新執行ssh 192.168.100.57,會發現登錄時不會要求再輸入密碼
[root@node-build .ssh]# ssh 192.168.100.57
Last login: Tue Jun 2 02:02:34 2020 from 192.168.100.27
[root@node7 ~]#