- 在需要使用密钥登录的主机上登录需要免密码登录的用户账户
su - www
- 产生密钥
ssh-keygen -t rsa
[www@node1 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/www/.ssh/id_rsa):
Created directory '/home/www/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/www/.ssh/id_rsa.
Your public key has been saved in /home/www/.ssh/id_rsa.pub.
The key fingerprint is:
21:c0:c1:ba:62:bb:a4:c9:c9:fd:e9:26:06:9f:b9:34 www@node1
The key's randomart image is:
+--[ RSA 2048]----+
| oo. |
| o. |
| . . . |
| . . . |
| . S |
|.o. |
|.o+Eo |
|=o+*... |
|o=oo*+ |
+-----------------+
- 查看生成的密钥(公钥)
[www@node1 /]$ ll /home/www/.ssh/
总用量 8
-rw------- 1 www www 1679 9月 15 11:45 id_rsa #私钥
-rw-r--r-- 1 www www 391 9月 15 11:45 id_rsa.pub #公钥
[www@node1 /]$ cat /home/www/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiq27202vWD7ozja2DZ4BJeb1ETsNfktTaUr3Y2ISmlWHQ7SfOSWH3rnmJht4hPYmYUlR40YBODICKmpxz+1c0UlrpKB0fmw5w1wWGNw+rSAjuEvO4/ae91lxzL/t9may0bB506WQQ9MT07+nl7jXvzfY0SQ3CWR7zwwp9MJ2ZdA/5XNA06HqAsxnbUQ6jgMt8Ef6CH0FT7ewxHNlIfdU8RhGLrzXmBRYVWKNFDt7EF/QFCLxD2sAzxy0+FhCNaQ1szn7wH2WOgdtGZlS6zoXSFlFkpMvbi9mR1I/E89shv5OROBpARfVxSjwMF+Gmk9MkEUKXhp2R9WrqOgS6NGRx www@node1
在需要使用密钥免密码被登录的主机上登录同名同UID的用户并拷贝对方的公钥内容到本机的/home/用户名/.ssh/authorized_keys文件内(文件不存在,需要vim创建)
[www@node2 .ssh]$ vim /home/www/.ssh/authorized_keys
[www@node2 .ssh]$ cat /home/www/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiq27202vWD7ozja2DZ4BJeb1ETsNfktTaUr3Y2ISmlWHQ7SfOSWH3rnmJht4hPYmYUlR40YBODICKmpxz+1c0UlrpKB0fmw5w1wWGNw+rSAjuEvO4/ae91lxzL/t9may0bB506WQQ9MT07+nl7jXvzfY0SQ3CWR7zwwp9MJ2ZdA/5XNA06HqAsxnbUQ6jgMt8Ef6CH0FT7ewxHNlIfdU8RhGLrzXmBRYVWKNFDt7EF/QFCLxD2sAzxy0+FhCNaQ1szn7wH2WOgdtGZlS6zoXSFlFkpMvbi9mR1I/E89shv5OROBpARfVxSjwMF+Gmk9MkEUKXhp2R9WrqOgS6NGRx www@node1
必须更改authorized_keys文件权限,如果不更改authorized_keys文件权限,SSH时就还会提示输入密码
[www@node2 .ssh]$ chmod 600 authorized_keys
- 测试登录node2
[www@node1 /]$ ssh 10.0.0.10
Last login: Fri Sep 15 12:08:05 2017 from 10.0.0.9
[www@node2 ~]$