Linux配置远程SSH无密码登录
linux  /  管理员 发布于 6年前   166
本文实例为大家分享了jaLinux配置远程SSH无密码登录的方法,供大家参考,具体内容如下
系统:CentOS 6.8
主机1:192.168.0.177
主机2:192.168.0.178
工具介绍:
ssh-keygen:创建公钥和密钥
ssh-copy-id:把生成的公钥复制到192.168.0.178主机上的authorized_keys文件上,
ssh-copy-id也会给远程主机的用户主目录(/home)和/root/.ssh和/root/.ssh/authorized_key设置合适的权限
1)创建公钥和密钥
[root@test ~]# ssh-keygen -t rsaGenerating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa):Enter passphrase (empty for no passphrase):Enter same passphrase again:Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:79:a9:66:cd:1a:a5:7c:82:80:c3:06:ec:44:13:b9:7a root@testThe key's randomart image is:+--[ RSA 2048]----+| +o ||o.. ||.o. ||o+ . . . ||..= . S + ||..E. . o B || . . O + || o = || . |+-----------------+
[root@test ~]#
2)拷贝公钥到远程主机
[root@test ~]# ls .ssh/authorized_keys id_rsa id_rsa.pub[root@test ~]#[root@test ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected] authenticity of host '192.168.0.178 (192.168.0.178)' can't be established.RSA key fingerprint is 53:bd:d7:e6:27:96:f3:70:f1:4b:4d:35:a4:38:1d:69.Are you sure you want to continue connecting (yes/no)? YESWarning: Permanently added '192.168.0.178' (RSA) to the list of known [email protected]'s password:Now try logging into the machine, with "ssh '[email protected]'", and check in:.ssh/authorized_keysto make sure we haven't added extra keys that you weren't expecting.[root@test ~]#
3)测试远程连接
[root@test ~]# ip addr show1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWNlink/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host loinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:7e:1f:f6 brd ff:ff:ff:ff:ff:ffinet 192.168.0.177/24 brd 192.168.0.255 scope global eth0inet6 fe80::20c:29ff:fe7e:1ff6/64 scope linkvalid_lft forever preferred_lft forever[root@test ~]#[root@test ~]# ssh 192.168.0.178Last login: Sat Sep 24 14:00:49 2016 from 192.168.0.103[root@test ~]#ip addr1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWNlink/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host loinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:36:93:06 brd ff:ff:ff:ff:ff:ffinet 192.168.0.178/24 brd 192.168.0.255 scope global eth0inet6 fe80::20c:29ff:fe36:9306/64 scope linkvalid_lft forever preferred_lft forever
查看192.168.0.177生成的authorized_keys
[root@test .ssh]# cat authorized_keysssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA+I6LXDE5DvSmQJcX98FpzScXoGpJ6fD47yXzp/tp/HTpOTQgNbiTjH6s6yNMsd5LQlBED8a5CTx5wKm+H7rT0po2xD+AZcF69js+4SwO8/xFwHLZ/8O64hsvn68GmxqO9vP8giWWcZNy/CsmOecllOB1NFXpCwQ1TBw+P4n84oj2YHwdSzGcre8j/OiAChHl6QHFtAuFvOdVRYFeyurFM8KP6Bb6tEeDDrqILboaQtTJOwRD2Fkt33C5lpuZNNGqc+DmRjDabgC3ZgzRCe3OyYbhaRlfiwVHFPYt7pDQMnrp/dUmyBSs/6gwd2CiK3cV4ZvpOzyGdynPqXsxIIBIKw== root@test
到此信任添加就完成了,192.168.0.177就可以无密码远程登录192.168.0.178服务器了,如果要想实现双向信任请在192.168.0.178
重复以上步骤,写本文目的只是想把会的东西记录下来,以备遗忘之时查阅!
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。
123 在
Clash for Windows作者删库跑路了,github已404中评论 按理说只要你在国内,所有的流量进出都在监控范围内,不管你怎么隐藏也没用,想搞你分..原梓番博客 在
在Laravel框架中使用模型Model分表最简单的方法中评论 好久好久都没看友情链接申请了,今天刚看,已经添加。..博主 在
佛跳墙vpn软件不会用?上不了网?佛跳墙vpn常见问题以及解决办法中评论 @1111老铁这个不行了,可以看看近期评论的其他文章..1111 在
佛跳墙vpn软件不会用?上不了网?佛跳墙vpn常见问题以及解决办法中评论 网站不能打开,博主百忙中能否发个APP下载链接,佛跳墙或极光..路人 在
php中使用hyperf框架调用讯飞星火大模型实现国内版chatgpt功能示例中评论 教程很详细,如果加个前端chatgpt对话页面就完美了..Copyright·© 2019 侯体宗版权所有· 粤ICP备20027696号