zoukankan      html  css  js  c++  java
  • ssh创建与添加密钥开启免密登陆 免确认机器指纹参数

     主要是两个步骤

    1.控制主机创建密钥对(私钥和公钥)

    2.把密钥对的公钥加入对方的认证列表中

    [root@vps ~]# ssh-keygen
    
    [root@vps ~]# ssh-copy-id user@192.168.9.111


    ssh-keygen -t dsa
    ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.9.111

    如果不是使用ssh-copy-id 命令把本机的公钥id_rsa.pub添加了远程主机认证列表 authorized_keys中

    可以使用免确认机器指纹参数免除第一次的yes确认直接登入,免除了“yes”确认

     ssh -o StrictHostKeyChecking=no user@192.168.9.111
    
    [root@vps ~]# ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa):
    Created directory '/root/.ssh'.
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /root/.ssh/id_rsa.
    Your public key has been saved in /root/.ssh/id_rsa.pub.
    The key fingerprint is:
    SHA256:4iGGv/oqZhBk2wYs1+VIQBzeYNOh7zsfCUPa1N7d0EY root@vps
    The key's randomart image is:
    +---[RSA 2048]----+
    |.oB=oo.     E    |
    |.Bo*o+     o     |
    |+.* = o   . o    |
    |.. X . . . +     |
    | .+ B + S . .    |
    |.  + = +         |
    |.   o +          |
    |.o  .o .         |
    |o.o++o.          |
    +----[SHA256]-----+
    [root@vps ~]#
    [root@vps ~]# ssh-copy-id user@192.168.9.111
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
    The authenticity of host '192.168.9.243 (192.168.9.243)' can't be established.
    ECDSA key fingerprint is SHA256:eIe1dqiRPK325D/NXRvXDDNllNGNGXlreNh/o8jNXAY.
    ECDSA key fingerprint is MD5:6c:c9:4f:da:6d:fd:3f:3c:8e:a8:69:f5:59:67:16:15.
    Are you sure you want to continue connecting (yes/no)? yes
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    user@192.168.9.243's password:
    
    Number of key(s) added: 1
    
    Now try logging into the machine, with:   "ssh 'user@192.168.9.243'"
    and check to make sure that only the key(s) you wanted were added.
    
    [root@vps ~]#

    免交互批量分发公钥脚本:

    #!/bin/bash
    rm -rf /root/.ssh/id*
    ssh-keygen -t dsa -f /root/.ssh/id_dsa -N ""
                for ip in `cat ip`;
    do sshpass -p passwd ssh-copy-id -i /root/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no $ip" done
     
  • 相关阅读:
    Mondriaan's Dream POJ
    H
    Superdoku Kattis
    Corn Fields POJ
    旅行的意义 Gym
    G
    J
    Welcome Party ZOJ
    redis入门到精通系列(三):key的通用操作和redis内部db的通用操作
    redis入门到精通系列(二):redis操作的两个实践案例
  • 原文地址:https://www.cnblogs.com/firewalld/p/12167385.html
Copyright © 2011-2022 走看看