1、上次本机的公钥和私钥
[root@vicweb ~]#ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 24:ef:78:23:bf:51:2f:40:8b:b8:c8:f6:87:34:69:a4 root@vicweb.localdomain The key's randomart image is: +--[ RSA 2048]----+ | | | | | . o | | .. * . | | o... S . | | .E.=. o o . | | +o.oo = . . | | . .. .+ o . | | .. o. | +-----------------+
2、查看生产的文件(非必要操作,只是确认一下)
3、把公钥传输到指定机器,需要免密码ssh登录的机器,使用ssh-copy-id命令
[root@vicweb ~]#ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.10.90.102 The authenticity of host '10.10.90.102 (10.10.90.102)' can't be established. RSA key fingerprint is 05:90:7f:36:f2:c4:55:15:16:2d:27:54:30:67:c7:74. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.10.90.102' (RSA) to the list of known hosts. root@10.10.90.102's password: Now try logging into the machine, with "ssh 'root@10.10.90.102'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.
check in到了对方的 authorized_keys文件,对方机器默认是没有这个文件的,会自动生产一个这个文件,并把自己的公钥写到这个文件
4、测试登录即可
[root@vicweb ~/.ssh]#ssh root@10.10.90.102 Last login: Thu Nov 9 09:24:35 2017 from 10.10.90.1
已实现自动登录,不需要在输入对方root的密码。