Linux配置免密登录

有两种拷贝文件的方式：

1、创建好秘钥后，使用scp、rsync等远程命令拷贝

1.1 创建用户并登录

[root@iZzm446eh1ux98Z ~]# useradd test
[root@iZzm446eh1ux98Z ~]# passwd test


[root@iZzm446eh1ux98Z ~]# su - test

1.2 生成秘钥

[test@iZzm446eh1ux98Z ~]$ mkdir .ssh
[test@iZzm446eh1ux98Z ~]$ chmod 700 .ssh

[test@iZzm446eh1ux98Z ~]$ ssh-keygen -t rsa -f .ssh/id_rsa -P ""
Generating public/private rsa key pair.
Your identification has been saved in .ssh/id_rsa.
Your public key has been saved in .ssh/id_rsa.pub.
The key fingerprint is:
SHA256:LdOSHz90renbdwRR08qqWSMydnsRWtxChSbgApMGSEs test@iZzm446eh1ux98Z
The key's randomart image is:
+---[RSA 3072]----+
|.E..o.  ..   o.oo|
|o . oo .  . + . o|
| . .  . .  = o o |
|       . +  = =. |
|        S +o.+...|
|        +=++=. o.|
|       . +.*ooo. |
|          + .o .o|
|           .  o.+|
+----[SHA256]-----+

1.3 将生成的公钥文件整合到认证文件里

[test@iZzm446eh1ux98Z ~]$ cp .ssh/id_rsa.pub .ssh/authorized_keys
[test@iZzm446eh1ux98Z ~]$ chmod 600 .ssh/authorized_keys

1.4 将公钥拷贝到远端主机

[test@iZzm446eh1ux98Z ~]$ scp .ssh/authorized_keys  test01@47.92.251.64:.ssh/

1.5 测试是否能够免密登录远程主机

[test@iZzm446eh1ux98Z ~]$ ssh test01@47.92.251.64 hostname
test

2、使用copy-id的方式拷贝

前两步和第一种方法一样，此处忽略

2.3 使用copy-id的方式拷贝秘钥到远程主机

-i 参数用于指定将公钥拷贝到远端主机的位置

[test@iZzm446eh1ux98Z ~]$ ssh-copy-id -i .ssh/id_rsa.pub test01@47.92.251.64
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
test01@47.92.251.64's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'test01@47.92.251.64'"
and check to make sure that only the key(s) you wanted were added.

2.4 测试

[test@iZzm446eh1ux98Z ~]$ ssh test01@47.92.251.64 hostname
test