Linux之间ssh密钥登录

Linux之间ssh密钥登录

由于工作需要：服务器A免密登录服务器B
那么就需要再A上生成私钥与公钥，再将A的公钥加入到B的授权列表就可以实现A免密登录B

1. 进入密钥文件夹

	cd ~/.ssh

2. 生成密钥

 ssh-keygen -t rsa  //三次回车

[root@localhost .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:kglPELNYVTyqMGu1ROSqXbsZ1pqzU root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|    *+oo+.       |
|   = B...o       |
|  =.* +          |
| .o+ = +         |
| oo+o * S        |
|o+B.+.o.         |
|++  o o          |
|*o....           |
+----[SHA256]-----+
[root@localhost .ssh]# 

3. 将公钥传入服务器B

 	 ssh-copy-id root@192.168.0.2		//ip为服务器B的IP地址

 [root@localhost .ssh]# ssh-copy-id root@10.136.64.90
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '10.136.64.90 (10.136.64.90)' cant be established.
ECDSA key fingerprint is SHA256:oyjwThlMCjOJDf+AbYAcdEDjRkXuLYAJpB4
ECDSA key fingerprint is MD5:6b:5c:69:71:44:60:55:d6:da:df:51:ac:42:46:39:18.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.136.64.90s password: 
Number of key(s) added: 1
Now try logging into the machine, with:   "ssh 'root@10.136.64.90'"
and check to make sure that only the key(s) you wanted were added.
[root@localhost .ssh]# 

4. 搞定