Linux-CentOS虚拟机之间设置SSH免密登录

1、需求:现有三台虚拟机,设置三台虚拟机之间互相SSH登录时不需要密码

如三台虚拟机ip分别是:

192.168.1.201
192.168.1.202
192.168.1.203

2、操作步骤

  • 1)首先在192.168.1.201 上执行如下命令:
ssh-keygen -t dsa

然后继续默认输入三次回车,如下:
Linux-CentOS虚拟机之间设置SSH免密登录_第1张图片

  • 2)分别在192.168.1.202和192.168.1.203上分别执行上述步骤1
    Linux-CentOS虚拟机之间设置SSH免密登录_第2张图片
    Linux-CentOS虚拟机之间设置SSH免密登录_第3张图片
  • 3)在三台虚拟机上分别执行如下命令:
cat /root/.ssh/id_dsa.pub

如:
在这里插入图片描述

  • 4)在192.168.1.201上的/root/.ssh/目录下创建authorized_keys文件,内容为上述步骤3中查询到的三个公钥
    在这里插入图片描述
  • 5)在192.168.1.202和192.168.1.203上分别按照上述步骤4执行,即在三台虚拟机上的/root/.ssh/目录下创建authorized_keys文件,然后将三台虚拟机上的ssh产生的公钥均放进去,即此时已经OK
  • 6)验证:
(base) [root@redrose2100 ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.201  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::ffbc:4a04:cbc5:1ad2  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::8533:7fa:153f:d6a6  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::932c:a8f0:34a8:eb30  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:83:f8:64  txqueuelen 1000  (Ethernet)
        RX packets 4941  bytes 3539336 (3.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2170  bytes 234901 (229.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

(base) [root@redrose2100 ~]# ssh 192.168.1.202
The authenticity of host '192.168.1.202 (192.168.1.202)' can't be established.
ECDSA key fingerprint is SHA256:GAtkLjUNBNYBgdP0BflGb20oNs7+6J3bAl/UOc4DEhw.
ECDSA key fingerprint is MD5:fd:e0:ea:11:2a:dc:80:9a:46:85:da:46:61:ab:c7:c3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.202' (ECDSA) to the list of known hosts.
Last login: Thu Jun 10 23:37:53 2021 from 192.168.1.106
(base) [root@redrose2100 ~]# ifconfig ens33
ens33: flags=4163  mtu 1500
        inet 192.168.1.202  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::ffbc:4a04:cbc5:1ad2  prefixlen 64  scopeid 0x20
        inet6 fe80::8533:7fa:153f:d6a6  prefixlen 64  scopeid 0x20
        ether 00:0c:29:75:8d:06  txqueuelen 1000  (Ethernet)
        RX packets 4258  bytes 3481445 (3.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1660  bytes 185878 (181.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

(base) [root@redrose2100 ~]# ssh 192.168.1.203
The authenticity of host '192.168.1.203 (192.168.1.203)' can't be established.
ECDSA key fingerprint is SHA256:GAtkLjUNBNYBgdP0BflGb20oNs7+6J3bAl/UOc4DEhw.
ECDSA key fingerprint is MD5:fd:e0:ea:11:2a:dc:80:9a:46:85:da:46:61:ab:c7:c3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.203' (ECDSA) to the list of known hosts.
Last login: Thu Jun 10 23:38:00 2021 from 192.168.1.106
(base) [root@redrose2100 ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.203  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::ffbc:4a04:cbc5:1ad2  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::8533:7fa:153f:d6a6  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::932c:a8f0:34a8:eb30  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:61:96:d5  txqueuelen 1000  (Ethernet)
        RX packets 3951  bytes 3337413 (3.1 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1822  bytes 310619 (303.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

(base) [root@redrose2100 ~]# ssh 192.168.1.201
The authenticity of host '192.168.1.201 (192.168.1.201)' can't be established.
ECDSA key fingerprint is SHA256:GAtkLjUNBNYBgdP0BflGb20oNs7+6J3bAl/UOc4DEhw.
ECDSA key fingerprint is MD5:fd:e0:ea:11:2a:dc:80:9a:46:85:da:46:61:ab:c7:c3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.201' (ECDSA) to the list of known hosts.
Last login: Thu Jun 10 23:37:40 2021 from 192.168.1.106
(base) [root@redrose2100 ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.201  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::ffbc:4a04:cbc5:1ad2  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::8533:7fa:153f:d6a6  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::932c:a8f0:34a8:eb30  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:83:f8:64  txqueuelen 1000  (Ethernet)
        RX packets 5453  bytes 3597632 (3.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2605  bytes 283014 (276.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

(base) [root@redrose2100 ~]# exit
logout
Connection to 192.168.1.201 closed.
(base) [root@redrose2100 ~]# exit
logout
Connection to 192.168.1.203 closed.
(base) [root@redrose2100 ~]# exit
logout
Connection to 192.168.1.202 closed.
(base) [root@redrose2100 ~]#

你可能感兴趣的:(Linux,linux,centos)