YiluPHP
这家伙很懒,什么都没有留下...
获赞
32

经验 centos(linux)如何配置ssh免密登录

浏览数 195658
依赖ssh协议的服务有openssh、sftp、scp等,如果每次使用的时候都需要输入密码,那将会很麻烦。所以我们需要配置ssh的免密码登录,其中分为root和普通用户的配置

方法/步骤
  1. 使用ssh-keygen生成私钥公钥对,一直输入回车即可
    # ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /root/.ssh/id_rsa.
    Your public key has been saved in /root/.ssh/id_rsa.pub.
    The key fingerprint is:
    SHA256:1AVKq6rur+0U5iX5aN5lVaVe0qtjpo5ORSuIuVqTpxo root@FGit
    The key's randomart image is:
    +---[RSA 2048]----+
    |        . ... .  |
    |       . + . +   |
    |        + o + o  |
    |     + + . + o . |
    |    B + S + . .  |
    |   o X   +   .   |
    |  E @ o +   =    |
    |   X = + . + .   |
    | oB=* ..o.o      |
    +----[SHA256]-----+
  2. 查看生成的公钥,目的是验证该文件是否存在和格式是否正确,一般后面会把主机名带上,检查好格式
    #cat /root/.ssh/id_rsa.pub
    ssh-rsa AAAAB3NzaC1yc2E------中间好长-----------89rCkH root@ZJname
  3. 将公钥推送到远端服务器上,第一次需要验证密码
    #ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.10.188
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "./id_rsa.pub"
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@192.168.10.188's password:

    Number of key(s) added: 1

    Now try logging into the machine, with: "ssh '192.168.10.188'"
    and check to make sure that only the key(s) you wanted were added.
  4. 出现“wanted were added”说明添加成功了,如上所示

使用普通用户使用获得公钥私钥对
  1. 使用ssh-keygen生成私钥公钥对,一直输入回车即可
    # ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /root/.ssh/id_rsa.
    Your public key has been saved in /root/.ssh/id_rsa.pub.
    The key fingerprint is:
    SHA256:1AVKq6rur+0U5iX5aN5lVaVe0qtjpo5ORSuIuVqTpxo root@FGit
    The key's randomart image is:
    +---[RSA 2048]----+
    |        . ... .  |
    |       . + . +   |
    |        + o + o  |
    |     + + . + o . |
    |    B + S + . .  |
    |   o X   +   .   |
    |  E @ o +   =    |
    |   X = + . + .   |
    | oB=* ..o.o      |
    +----[SHA256]-----+
  2. 使用普通用户推送公钥的时候如果两边的用户不同,一定要带上用户,不能默认
    ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.10.188,如加粗的部分
  3. 配置完成验证,已经实现了免密码登录



我来说说