linux 服务器SSH免密登录

linux 服务器SSH免密登录

配置步骤：

1. 首先取消ssh远程登录首次询问步骤

#除此处修改其他配置均为默认配置
[root@CentOS-7 ~]# vim /etc/ssh/ssh_config
33 StrictHostKeyChecking no # 修改ask为no
#重启sshd服务
[root@CentOS-7 ~]# systemctl restart sshd 

2. 登录主机 A(10.0.0.27)，在A主机生成自己的ssh-key；

#执行生成密钥命令
[root@CentOS-7 ~]# ssh-keygen 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):  #输入key文件保存路径，默认:/家目录/.ssh
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):  #key秘密，可以为空
Enter same passphrase again: #再次输入
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:PkWLLzFCJ+Ctv9p7dx6DoTJ2m/DKauAIJVcO4fTYjKw root@CentOS-7
The key's randomart image is:
+---[RSA 2048]----+
|  o..            |
| +.B.o           |
|  =+= + . .      |
|..o .o o o .     |
|E+  . . S +      |
|. .  . o * o     |
|.o .  * * o o    |
|. . .+ B.=. .o   |
|   .oo*++. o.    |
+----[SHA256]-----+
# 进入目录查看密钥生成结果
[root@CentOS-7 ~]# cd ~/.ssh/ 
[root@CentOS-7 .ssh]# ls
id_rsa  id_rsa.pub
#将A主机公钥拷贝至B主机
[root@CentOS-7 .ssh]# ssh-copy-id 10.0.0.37
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '10.0.0.37 (10.0.0.37)' can't be established.
ECDSA key fingerprint is SHA256:+0wY4dS041OiFMY/q8CB/p6hT1Vc/agoGO4SeWCm72g.
ECDSA key fingerprint is MD5:ec:0a:c6:f1:08:c1:e2:5b:ac:38:df:a5:6d:f9:42:9c.
Are you sure you want to continue connecting (yes/no)? yes
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.37's password:     # B主机登录密码

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '10.0.0.37'"
and check to make sure that only the key(s) you wanted were added.

3. 登录 B 主机查看 A 主机公钥是否拷贝至~/.ssh目录下

[root@CentOS-7 ~]# ls ~/.ssh/
authorized_keys  known_hosts   # authorized_keys 保存的A主机的公钥

4. 验证

[root@CentOS-7 ~]# ssh 10.0.0.37
Last login: Thu Jul  1 18:16:08 2021 from 10.0.0.1
[root@centos-37 ~]#