ssky-keygen + ssh-copy-id 无密码登陆
1、创建密钥对:
[root@rong .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
0e:f4:c4:0a:5f:df:93:d4:4d:4b:45:02:06:9a:c0:22 root@rong
2、上传到远程主机:
[root@rong .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
远程主机的sshd_config里为:
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
3、验证:
[root@rong2 .ssh]# ssh 192.168.0.2
Last login: Sat Jul 14 18:32:01 2012 from 192.168.0.2
[root@rong ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0C:29:E4:87:99
inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee4:8799/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7861 errors:0 dropped:0 overruns:0 frame:0
TX packets:7923 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:780098 (761.8 KiB) TX bytes:1160603 (1.1 MiB)
Interrupt:59 Base address:0x2000
############################################################
第一步:密钥对的生成.
在SecureCRT中建立一个新的连接.
protocol选ssh2
hostname输入要连接的主机IP.
Port输入目标主机上sshd的端口号.
username输入要登录的用户名.
在Authentication中的Primary选publickey.选取"Properties..."按钮.出现Public Key Properties窗口.
选"Create Identity File"按钮.出现Key Generation Wizard窗口.选"下一步"出现窗口.要求选取Public Key Type.可以选RSA/DSA加密方式.按"下一步".出现窗口.要求输入私钥的保护密码.这个可输,也可不输.如果不输的话.当用SecureCRT 登录到Linux服务器时,无需任合密码就可以登录了.按"下一步",出现要求输入密钥对加密长度的窗口.可在512-2048之间选择.按"下一步". 开始生成密钥对.密钥对生成完毕后.按"下一步".选择密钥对保存的位置.保存完毕后.会问是否上传公钥,选"否",至此密钥对生成完毕.
第二步:公钥的上传及设置
a.上传公钥(默认的后缀名为.pub).一般是用ftp上传.注意上传之前,一定要以ASCII格式上传.
b.服务器端的设置.首先要在要登录的用户home目录下建一个.ssh目录.作如下操作
$cd ~
~$mkdir .ssh
~$chmod 755 .ssh
~$ssh-keygen �Ci �Cf id_rsa.pub >>./.ssh/authorized_keys(这一步很重要,不然open ssh不认识SecureCRT生成的公钥.)
~$chmod 644 ./.ssh/authorized_keys
至此服务器端及客户端设置完毕.可以通过SecureCRT连上Linux服务器了