三步实现Linux下主机之间SSH免密登录

环境:

系统版本:

[root@localhost ~]# cat /etc/redhat-release 
CentOS Linux release 7.5.1804 (Core)       //Centos 7.5系统

安装SSH:

[root@localhost ~]# rpm -qa | grep ssh    //是否安装ssh
openssh-7.4p1-16.el7.x86_64
openssh-clients-7.4p1-16.el7.x86_64
openssh-server-7.4p1-16.el7.x86_64
libssh2-1.4.3-10.el7_2.1.x86_64

主机:

目标服务器:192.168.2.161
源服务器:192.168.2.195

配置免密:

1.在源服务器端生成密钥

[root@localhost ~]# ssh-keygen -t rsa     //无需配置,一路回车
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
/root/.ssh/id_rsa already exists.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:`[root@localhost ~]# ls ./.ssh/
authorized_keys  id_rsa  id_rsa.pub  known_hosts`
SHA256:8vvhVMFr1nPngJkod+CoCBfDxD2aCcO1duiXW9dZE6Y root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
| . oo.        o  |
|  +o.oo    . o . |
|   oB+..  . E o  |
|   o++ . o + X . |
|  . o + S = % + o|
|   o o * + =   =.|
|    . o . o     .|
|         + .     |
|        ..o      |
+----[SHA256]-----+

2.查看生成的公私钥

[root@localhost ~]# ls ./.ssh/
authorized_keys  id_rsa  id_rsa.pub  known_hosts
  • id_rsa 私钥
  • id_rsa.pub 公钥

3.上传公钥至目标服务器端

[root@localhost ~]# ssh-copy-id -i ./.ssh/id_rsa.pub [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "./.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.2.161's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.2.161'"
and check to make sure that only the key(s) you wanted were added.

4.测试免密登录目标服务器端

[root@localhost ~]# ssh [email protected]    //成功免密登录
Last login: Tue Mar 24 17:03:27 2020 from 192.168.2.161

小结:
 以上配置只是单向免密,如果需要配置目标服务器与源服务器之间互相免密登录,需要在目标服务器上做同样的操作,将公钥上传至源服务器端即可。

↓↓↓↓↓↓

最近刚申请了个微信公众号,上面也会分享一些运维知识,大家点点发财手关注一波,感谢大家。 【原创公众号】:非著名运维 【福利】:公众号回复 “资料” 送运维自学资料大礼包哦!
在这里插入图片描述

你可能感兴趣的:(Linux)