通过两台linux主机 配置ssh 实现互相免密登陆 的操作
免密登录我们可以理解为使用公钥登录,这里分别使用两台主机(client)和(server)作为实验主机。
首先让client免密登录server:在client上配置生成公钥和私钥,再将公钥发送给server主机,最后使用ssh登录server;如果登录成功我们就成功实现免密登录,在server端同样的操作就可以实现相互免密登录
[root@client ~]# ssh-keygen -t rsa // 非对称算法
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): //所保存的公钥文件地址
Enter passphrase (empty for no passphrase): 是否设置密码
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub私钥地址
The key fingerprint is:
SHA256:uRr7QU1LWwkkGvtBdLxLAxi3eAPCR3Sutm2nf0LGWXw root@client
The key's randomart image is:
+---[RSA 3072]----+
| ..o*+*o+ |
| ..o@.+.. . |
| .+ *.ooo |
| + B++o E |
| o So+= . |
| . + .* |
| o =o. |
| = +. . |
| o.o..o |
+----[SHA256]-----+
[root@client ~]# ll .ssh/
总计 8
-rw------- 1 root root 2590 1月13日 15:51 id_rsa
-rw-r--r-- 1 root root 565 1月13日 15:51 id_rsa.pub
[root@client ~]# ssh-copy-id 192.168.1.14 //发送到要登录的主机地址
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.1.14 (192.168.1.14)' can't be established.
ED25519 key fingerprint is SHA256:P7tf244ct+RmrIrPB0K8zUOKP1OC9SIO0uRqw5hHquk.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Authorized users only. All activities may be monitored and reported.
root@192.168.1.14's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.1.14'"
and check to make sure that only the key(s) you wanted were added.
[root@client ~]# ssh 192.168.1.14
[root@server ~]# 到这里就代表成功登录
之后在server端继续如上配置即可实现相互免密登录?