ssh密钥的分发 我们在使用客户端账号对主机记性管理的时候,可以分为以下两种情况: 1.第一种情况,直接使用root账号: 优点:使用root账号密钥分发简单,指令执行简单 缺点:不安全 2.第二种情况,使用普通用户账号: 优点:比较安全 缺点:配置比较复杂,命令执行的时候也比较复杂。 这里因为是测试环境,我们选择第一种情况,直接使用root账号来远程管理主机。 ssh密钥的分发这里我们有多种方式: 1.第一种,直接使用ssh自带的密钥分发工具命令ssh-copy-id: ssh-copy-id -i /root/.ssh/id_dsa.pub root@123.56.221.190 此时系统会自动将我们的公钥id_dsa.pub内容追加到被管理的服务端的/root/.ssh/authorized_keys文件中: """ [root@fengjunhua-server-master ~]# ssh-copy-id -i /root/.ssh/id_dsa.pub root@123.56.221.190 /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@123.56.221.190's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@123.56.221.190'" and check to make sure that only the key(s) you wanted were added. [root@fengjunhua-server-master ~]# ssh root@123.56.221.190 Welcome to Alibaba Cloud Elastic Compute Service ! [root@iZ2ze8f0b7nbnu9revua2nZ ~]# """ 如上所示,我们看到除了第一次分发密钥的时候需要提示输入密码,以后都不需要密码了。