ssh免密登录 公钥私钥认证

系统安全 Liemer_Lius 150℃

主机:192.168.111.133

本实验是当前主机的root用户和lius用于之间的免密配置。

第一步:生成密钥

# ssh-keygen -t rsa -P ” -f ~/.ssh/id_rsa
-t: 类型rsa
-P ”: 密钥文件不加密,缺省不加密,但需要额外敲回车。
-f: 密钥文件的存放位置,默认就是~/.ssh/,可以不指定,但需要额外敲回车。

# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
a4:2d:6d:31:79:c2:a1:f4:66:e0:3b:77:c6:17:d0:ca [MD5] root@linux-t7tx
The key's randomart image is:
+--[ RSA 2048]----+
|      o . ..     |
|     o = o ..    |
|      o @....    |
|       O *E  .   |
|      = S + .    |
|       = o .     |
|                 |
|                 |
|                 |
+--[MD5]----------+

第二步:复制公钥到服务端

# ssh-copy-id -i ~/.ssh/id_rsa.pub lius@192.168.111.133
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'lius@192.168.111.133'"
and check to make sure that only the key(s) you wanted were added.

第三步:验证

# ssh -i ~/.ssh/id_rsa lius@192.168.111.133 "echo Hello"
Hello
-i: 指定私钥的位置,缺省路径就是:~/.ssh/id_rsa,也就是说,如果密钥的存放位置默认的话,无需指定。
 # ssh lius@192.168.111.133 "echo Hello"
Hello

 

转载请注明:skelchina.com » ssh免密登录 公钥私钥认证

喜欢 (0)