环境说明
[root@localhost1 ~]# cat /etc/redhat-release CentOS release 6.5 (Final) [root@localhost1 ~]# uname -a Linux localhost1 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
生成秘钥
[root@localhost1 ~]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 5e:5a:d4:7f:97:29:39:54:b9:1b:eb:13:12:4c:bc:2b root@localhost1 The key's randomart image is: +--[ RSA 2048]----+ | . ..| | . o.. | | . +.. .| | . .=.oo| | S o ++o*| | . + E oo=.| | o . o .| | o | | .| +-----------------+
配置秘钥连接
[root@localhost1 ~]# cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys [root@localhost1 ~]# chmod 700 /root/.ssh/*
把本地主机的公钥复制到远程主机的authorized_keys文件上
[root@localhost1 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected] The authenticity of host '192.168.8.20 (192.168.8.20)' can't be established. RSA key fingerprint is 63:fe:c9:db:12:66:13:d0:23:e1:33:19:3d:cb:10:72. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.8.20' (RSA) to the list of known hosts. [email protected]'s password:
编辑ssh配置文件
[root@localhost1 ~]# vim /etc/ssh/sshd_config ······ 47 RSAAuthentication yes 48 PubkeyAuthentication yes
另一台机器反向做一遍即可实现两台之间免秘钥访问
