SSH免密登录配置
本次使用3台客户端,实现各个客户端之间的免密登录,一般配合hosts文件使用
环境信息
| 操作系统 | Ubuntu24.04 |
|---|---|
| node1 | 10.0.0.14 |
| node2 | 10.0.0.15 |
| node3 | 10.0.0.16 |
以node3示例,另外两台客户端重复一下相同步骤即可。
#修改/etc/hosts文件
root@node3:~# cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 ubuntu24-13
10.0.0.14 node1 node1.chen.com
10.0.0.15 node2 node2.chen.com
10.0.0.16 node3 node3.chen.com
#在3台客户端分别执行以下命令,生成公钥/私钥
root@node3:~# ssh-keygen
Generating public/private ed25519 key pair.
Enter file in which to save the key (/root/.ssh/id_ed25519): #私钥的保存路径,按需修改
Enter passphrase (empty for no passphrase): #公钥的密码,按需设置
Enter same passphrase again: #再次确认公钥文件的密码
Your identification has been saved in /root/.ssh/id_ed25519
Your public key has been saved in /root/.ssh/id_ed25519.pub
The key fingerprint is:
SHA256:mPT2GZjV7sc3lj0gGf0Dgxfgn6sls4+BjhINC+tjjZs root@node1
The key's randomart image is:
+--[ED25519 256]--+
| ... |
| ..o . |
| . .+.= |
| . o + + .= = |
| o * S .o.+ o |
| . o o ..+..o +|
| . o . .o+.oo=o|
| =.o o O...o|
| .Eo .. . +.. |
+----[SHA256]-----+
#把私钥分别复制到node1、node2
root@node3:~# ssh-copy-id -i /root/.ssh/id_ed25519.pub 10.0.0.15
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_ed25519.pub"
The authenticity of host '10.0.0.15 (10.0.0.15)' can't be established.
ED25519 key fingerprint is SHA256:AlWa4esLgclLOo6re14H58Mwa69BlUWmq/OvEiQUMLE.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.15's password: #输入node2密码
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '10.0.0.15'"
and check to make sure that only the key(s) you wanted were added.
root@node3:~# ssh-copy-id -i /root/.ssh/id_ed25519.pub 10.0.0.1
4
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_ed25519.pub"
The authenticity of host '10.0.0.14 (10.0.0.14)' can't be established.
ED25519 key fingerprint is SHA256:AlWa4esLgclLOo6re14H58Mwa69BlUWmq/OvEiQUMLE.
This host key is known by the following other names/addresses:
~/.ssh/known_hosts:1: [hashed name]
~/.ssh/known_hosts:4: [hashed name]
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.14's password: #输入node1密码
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '10.0.0.14'"
and check to make sure that only the key(s) you wanted were added.
#node的授权key,可以看到已添加的公钥条目
root@node3:~# cat /root/.ssh/authorized_keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGPOq+WcMCUpYNikHiV1dA6I7w8pk/jZ/1Vzpx1iVRoO root@node1
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFNteGdBQAJHdYxbwrx5BChRFk72vdD2mHEFcmEzan3 root@node2
#node3已实现免密连接到另外2台机器
root@node3:~# ssh node2
Last login: Sat Jan 10 22:33:53 2026 from 10.0.0.16
root@node2:~#
root@node3:~# ssh node1
Last login: Sat Jan 10 22:33:53 2026 from 10.0.0.16
root@node1:~#
#检查另外2个客户端的公钥,与noded3的/root/.ssh/authorized_keys完全相同。证明配置正确,已实现3台客户端之间免密登录
root@node2:~# cat /root/.ssh/id_ed25519.pub
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFNteGdBQAJHdYxbwrx5BChRFk72vdD2mHEFcmEzan3 root@node2
root@node1:~# cat /root/.ssh/id_ed25519.pub
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGPOq+WcMCUpYNikHiV1dA6I7w8pk/jZ/1Vzpx1iVRoO root@node1
浙公网安备 33010602011771号