有两种拷贝文件的方式:
1、创建好秘钥后,使用scp、rsync等远程命令拷贝
1.1 创建用户并登录
[root@iZzm446eh1ux98Z ~]# useradd test [root@iZzm446eh1ux98Z ~]# passwd test [root@iZzm446eh1ux98Z ~]# su - test
1.2 生成秘钥
[test@iZzm446eh1ux98Z ~]$ mkdir .ssh [test@iZzm446eh1ux98Z ~]$ chmod 700 .ssh [test@iZzm446eh1ux98Z ~]$ ssh-keygen -t rsa -f .ssh/id_rsa -P "" Generating public/private rsa key pair. Your identification has been saved in .ssh/id_rsa. Your public key has been saved in .ssh/id_rsa.pub. The key fingerprint is: SHA256:LdOSHz90renbdwRR08qqWSMydnsRWtxChSbgApMGSEs test@iZzm446eh1ux98Z The key's randomart image is: +---[RSA 3072]----+ |.E..o. .. o.oo| |o . oo . . + . o| | . . . . = o o | | . + = =. | | S +o.+...| | +=++=. o.| | . +.*ooo. | | + .o .o| | . o.+| +----[SHA256]-----+
1.3 将生成的公钥文件整合到认证文件里
[test@iZzm446eh1ux98Z ~]$ cp .ssh/id_rsa.pub .ssh/authorized_keys [test@iZzm446eh1ux98Z ~]$ chmod 600 .ssh/authorized_keys
1.4 将公钥拷贝到远端主机
[test@iZzm446eh1ux98Z ~]$ scp .ssh/authorized_keys test01@47.92.251.64:.ssh/
1.5 测试是否能够免密登录远程主机
[test@iZzm446eh1ux98Z ~]$ ssh test01@47.92.251.64 hostname test
2、使用copy-id的方式拷贝
前两步和第一种方法一样,此处忽略
2.3 使用copy-id的方式拷贝秘钥到远程主机
-i 参数用于指定将公钥拷贝到远端主机的位置
[test@iZzm446eh1ux98Z ~]$ ssh-copy-id -i .ssh/id_rsa.pub test01@47.92.251.64 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys test01@47.92.251.64's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'test01@47.92.251.64'" and check to make sure that only the key(s) you wanted were added.
2.4 测试
[test@iZzm446eh1ux98Z ~]$ ssh test01@47.92.251.64 hostname test