生成密钥对儿:
[root@Ams ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
67:37:f3:cb:90:37:b7:83:19:27:e6:85:4e:e9:68:ec root@Ams
The key's randomart image is:
+–[ RSA 2048]—-+
| |
| |
| |
| |
| S o + o |
| o . % o |
| . X @ .|
| + X =.|
| oE o..|
+—————–+
[root@Ams ~]# ls .ssh/
id_rsa id_rsa.pub known_hosts
[root@Ams ~]#
把公钥传输至远程服务器对应用户的家目录:
[root@Ams ~]# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.1.117
root@192.168.1.117's password:
Now try logging into the machine, with "ssh 'root@192.168.1.117'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@Ams ~]#
现在可以直接登录了:
[root@Ams ~]# ssh root@192.168.1.117
Last login: Sun Jul 31 22:56:04 2016 from 192.168.1.115
[root@bluee ~]#
执行命令也不需要输入密码了。将来集群就需要这样认证:
[root@Ams ~]# ssh root@192.168.1.117 'ifconfig'
eth0 Link encap:Ethernet HWaddr 00:0C:29:C1:45:55
inet addr:192.168.1.117 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec1:4555/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:80321 errors:0 dropped:0 overruns:0 frame:0
TX packets:62829 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:76646060 (73.0 MiB) TX bytes:6192366 (5.9 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:980 errors:0 dropped:0 overruns:0 frame:0
TX packets:980 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:97916 (95.6 KiB) TX bytes:97916 (95.6 KiB)
[root@Ams ~]#
2016-08-01
原创文章,作者:mississippi,如若转载,请注明出处:http://www.178linux.com/27071
