生成公钥私钥:
[root@client ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
c6:66:93:16:73:0b:bf:46:46:28:7d:a5:38:a3:4d:6d root@client
The key's randomart image is:
+--[ RSA 2048]----+
| . |
| . + o |
| . @ E |
| * & . |
| . S = |
| = + . |
| o |
| . |
| |
+-----------------+
默认会生成到 ~/.ssh 下:
[root@client ~]# ls -l ~/.ssh
total 8
-rw-------. 1 root root 1675 Jul 27 15:01 id_rsa
-rw-r--r--. 1 root root 406 Jul 27 15:01 id_rsa.pub
设置权限:
chmod 700 ~/.ssh && chmod 600 ~/.ssh/*
拷贝到服务器上
[root@client ~]# ssh root@server 'mkdir -p /root/.ssh'
[root@client ~]# scp /root/.ssh/id_rsa.pub root@server:/root/.ssh/authorized_keys
[root@client ~]# ssh root@server 'chmod 700 /root/.ssh && chmod 600 /root/.ssh/*'
安装必要组件
[root@client ~]# ssh root@server 'yum install openssh-clients'
最重要的一步,如果服务端开了 selinux, 则必须修改 .ssh 的权限,不做这一步,上面做的再好也登录不了。
[root@client ~]# ssh root@server 'restorecon -R -v /root/.ssh'
搞定收工~