Liunx下ssh免密登录

演示从172.16.10.172免密登录到172.16.101.73
两台服务器的hostname

  • 172.16.10.172 master
  • 172.16.10.173 node1
  1. 在172.16.10.172 生成rsa公私钥
    必须在用户目录下的.ssh目录下生成公私钥
    如果用root用户登录的话,那么目录应用为/root/.ssh
[root@docker01 /]# cd /root/.ssh/
[root@docker01 .ssh]#

执行以下命令, 一直按Enter直到生成完成

ssh-keygen -t rsa

生成完成后,/root/.ssh目录下会有两个文件id_rsa、id_rsa.pub

  • id_rsa 私钥
  • id_rsa.pub 公钥
[root@docker01 .ssh]# ls
id_rsa  id_rsa.pub  known_hosts
  1. 把公钥复制到需要免密登录的服务器上172.16.10.173
    在/root.ssh目录下复制id_rsa.pub
[root@docker01 .ssh]# scp ./id_rsa.pub [email protected]:/root/.ssh/auth_key_master.pub
The authenticity of host '172.16.10.173 (172.16.10.173)' can't be established.
ECDSA key fingerprint is 85:5b:d9:7e:01:b3:fa:1c:72:80:6b:c8:15:73:82:b6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.10.173' (ECDSA) to the list of known hosts.
[email protected]'s password:
id_rsa.pub                                                         100%  405     0.4KB/s   00:00
[root@docker01 .ssh]#

id_rsa.pub 传过去后改了一个名字 auth_key_master.pub

  1. 在172.16.10.173服务器上把auth_key_master.pub公钥内容进行公钥合并
    查看公钥
[root@docker01 ~]# cd /root/.ssh/
[root@docker01 .ssh]# ls
auth_key_master.pub  id_rsa  id_rsa.pub  known_hosts

执行合并

[root@docker01 .ssh]# cat auth_key_master.pub >> authorized_keys
# 说明:如果authorized_keys不存在就会自动创建,如果存在就会追加
  1. 验证免密登录
    在172.16.10.172上输入ssh [email protected]
[root@docker01 .ssh]# ssh [email protected]
Last login: Tue Nov  6 14:27:44 2018 from 192.168.10.103

登录成功

你可能感兴趣的:(Liunx下ssh免密登录)