Linux免密码登录设置 ssh-keygen

linux系统配置免密码的方式：

1：ssh-keygen -t rsa

生成密钥

[root@ebs-62781 ~]# ssh-keygen -t  rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
5d:3c:0c:d1:c7:4d:b8:8c:7e:35:66:89:ae:75:fa:e8 root@ebs-62781
The key's randomart image is:
+--[ RSA 2048]----+
|          oo . +.|
|           +. + .|
|            =+...|
|         . ..oo=.|
|        S ... o..|
|            .o.. |
|            o.o  |
|           . ..  |
|            .E.. |
+-----------------+
 

2：ssh-copy-id  -i ~/.ssh/id_rsa.pub  [email protected]

把本机的公钥追到116.255.34.112的 .ssh/authorized_keys 里

[root@ebs-62781 ~]# ssh-copy-id  -i ~/.ssh/id_rsa.pub  [email protected]
 

3：测试

[root@ebs-62781 ]$ ssh 116.255.34.112
Last login: Thu Aug  7 16:37:55 2014 from 116.255.34.110
[root@ebs-62781 ]$ 

4：如果ssh的端口不是22，可用下面命令
[root@ebs-63215 ~]# ssh-copy-id  -i ~/.ssh/id_rsa.pub '-p 2200 [email protected]'

5.如线上服务器会对ssh服务改成非22端口，这时候，在服务器之间建立双机互信的情况下，若使用ssh-copy-id命令，不经过特定的语法，会报错。

比如:

[root@localhost ~]# ssh-copy-id -i  /root/.ssh/id_rsa.pub  '-p 20460 root@*.*.*.*'
Now try logging into the machine, with "ssh '-p 10022 root@*.*.*.*'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.