Passwordless SSH across multiple Linux hosts

Setting up passwordless login between Linux hosts

  • Server A: IP 192.168.0.100, SSH port 10086 (the default is 22)
  • Server B: IP 192.168.0.101, SSH port 10086 (the default is 22)
  • Server C: IP 192.168.0.102, SSH port 10086 (the default is 22)

1. On server A: generate a key pair

[root@www ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
9a:c4:4a:39:96:88:c6:be:58:8b:a8:33:13:0a:be:34 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|                 |
|.. . +           |
|.o. * o S        |
|=  o + o         |
|+E. . o          |
|O+o.             |
|**o              |
-----------------+
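  • The keys are written to ~/.ssh/ in the current user's home directory.
  • That directory contains id_rsa (the private key) and id_rsa.pub (the public key).
  • At this point, confirm that the .ssh directory has mode 770 (the listing below shows drwx------, i.e. 700, which is the mode ssh-keygen creates the directory with).
  • Confirm that id_rsa has mode 600.
  • Confirm that id_rsa.pub has mode 644.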

 

drwx------  2 root root   4096 Dec  9 22:55 .ssh 
-rw------- 1 root root 1671 Dec  9 22:55 id_rsa
-rw-r--r-- 1 root root  401 Dec  9 22:55 id_rsa.pub

2. Add the public key to the authorized_keys file on server B, the host you want to log in to without a password

[root@www ~]# ssh-copy-id -i  ~/.ssh/id_rsa.pub '-p 10086 [email protected]'    
The authenticity of host '191.168.0.100 (191.168.0.100)' can't be established.
RSA key fingerprint is 04:0d:7e:b7:73:f2:60:b4:df:fe:1e:1e:bd:49:86:d4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '191.168.0.100' (RSA) to the list of known hosts.
[email protected]'s password: 
Now try logging into the machine, with "ssh '-p 10086 [email protected]'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@www ~]#

 

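  • You will be prompted for the password of the account on the target host, here root ([email protected]); you can use a different account instead.
  • Note the form of the command: ssh-copy-id -i ~/.ssh/id_rsa.pub ' -p 10086 [email protected]'
  • The quoted argument above is needed because server B's SSH port has been changed from the default 22 to another port (for security reasons); it has to be wrapped in quotes.
  • Now try connecting directly from server A: ssh -p 10086 [email protected]
  • Good luck!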

Notes:

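  1. For passwordless login to a single host, copy the id_rsa.pub generated on server A into the .ssh directory on server B and rename it to authorized_keys.
  2. For multiple servers, use the ssh-copy-id command.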
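
The permission check from step 1 as a script, which also covers authorized_keys on the receiving server. This is an added example, not part of the original post: the function names are made up here, and the thresholds follow the listing in step 1 (drwx------ for .ssh, 600 for id_rsa, 644 for id_rsa.pub) together with the OpenSSH StrictModes requirement that these paths not be writable by group or others. It assumes GNU stat, as found on Linux.

```shell
#!/bin/sh
# Added example: audit modes under an SSH directory (requires GNU stat).

# mode_of PATH -> octal permission bits, e.g. 700 (symlinks are followed)
mode_of() { stat -L -c '%a' "$1"; }

# has_bits PATH MASK -> succeeds if any bit of octal MASK is set on PATH
has_bits() { [ $(( 0$(mode_of "$1") & 0$2 )) -ne 0 ]; }

# audit_ssh_dir DIR -> one line per finding; exit status = number of findings
audit_ssh_dir() {
    dir=$1
    findings=0
    if [ ! -d "$dir" ]; then
        echo "MISSING  $dir"
        return 1
    fi
    # The directory must not be writable by group or others.
    if has_bits "$dir" 022; then
        echo "WRITABLE $dir (mode $(mode_of "$dir"), expected 700)"
        findings=$((findings + 1))
    fi
    for f in "$dir"/id_* "$dir"/authorized_keys; do
        [ -f "$f" ] || continue
        case $f in
            *.pub|*/authorized_keys)
                # Public keys may be world-readable but never group/other-writable.
                if has_bits "$f" 022; then
                    echo "WRITABLE $f (mode $(mode_of "$f"), expected 644 or 600)"
                    findings=$((findings + 1))
                fi ;;
            *)
                # Private key: no access at all for group or others.
                if has_bits "$f" 077; then
                    echo "EXPOSED  $f (mode $(mode_of "$f"), expected 600)"
                    findings=$((findings + 1))
                fi ;;
        esac
    done
    return "$findings"
}

# Audit the directory given as $1, or the current user's ~/.ssh by default.
target=${1:-${HOME:-/root}/.ssh}
if audit_ssh_dir "$target"; then echo "OK: $target"; else echo "Fix the modes listed above."; fi
```

Run it on server A after ssh-keygen and on server B after the key has been installed; a 770 directory is reported as WRITABLE, and chmod 700 clears the finding.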