ssh-keygen设置无密码登录

1：在Client上产生一对密钥，执行ssh-keygen命令，需要输入的地方直接回车，接受缺省值即可，输出如下：

[logbak@bbf .ssh]$ ls
authorized_keys id_rsa.pub
[logbak@bbf .ssh]$ ssh-keygen -d
Generating public/private dsa key pair.
Enter file in which to save the key (/home/logbak/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/logbak/.ssh/id_dsa.
Your public key has been saved in /home/logbak/.ssh/id_dsa.pub.
The key fingerprint is:
b5:4b:54:0c:96:a2:6d:57:4d:ab:ff:80:48:9a:7f:06 logbak@bbf

这时候，在/home/user/.ssh目录下，存有一对密钥id_dsa和id_dsa.pub。

2：当公钥id_dsa.pub以任何方式上传到Server上，如：

[logbak@bbf .ssh]$ scp id_dsa.pub Server:/home/user

3:登录到Server上，执行以下命令

cat id_dsa.pub >> /home/user/.ssh/authorized_keys

注意，目录.ssh和文件authorized_keys的权限。权限大了可能造成无密码登录失败。.ssh的权限700， authorized_keys的权限600， 就够了。不管是什么原因， 查/var/log/secure就明白了。