通过linux一台服务生成密钥,并发送给另外一个linux服务器,实现密钥认证方式访问服务器。
服务器A:
1、输入:ssh-keygen 一路回车,生成如下:
[alice@caowl130 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/alice/.ssh/id_rsa):
Created directory '/home/alice/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/alice/.ssh/id_rsa.
Your public key has been saved in /home/alice/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:/D4MLSKErL1nLzyA8GZIExNRTTMNfpAp/Q8oxnqwd2k alice@caowl130
The key's randomart image is:
+---[RSA 2048]----+
| o+.+*= |
| o ..=+. |
| .+...o. |
|.+o+...+ |
|o**.. . S. |
|+o*o.E. oo. |
| oo+o. . +. |
| . * .o |
| o +. .. |
+----[SHA256]-----+
2、当前目录下面会生成一 .ssh 的目录,里面包含了密钥,需要将该密钥发送给想要连接的服务器上。
使用命令:ssh-copy-id 192.168.153.129,输入密码。添加成功。
[alice@caowl130 ~]$ ssh-copy-id 192.168.153.129
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/alice/.ssh/id_rsa.pub"
The authenticity of host '192.168.153.129 (192.168.153.129)' can't be established.
ECDSA key fingerprint is SHA256:mO5piEGc2NFFYxyMvxPVYwSHebQU1je35Am1JlDgIhw.
ECDSA key fingerprint is MD5:f8:b3:54:11:2e:54:e1:f7:4a:e7:a1:2a:1e:15:fa:10.
Are you sure you want to continue connecting (yes/no)? yes
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
alice@192.168.153.129's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.153.129'"
and check to make sure that only the key(s) you wanted were added.