使用秘鑰ssh登錄遠程服務器

一、使用公鑰遠程登錄ssh服務器方式

1.1 在客戶端使用ssh-keygen  生成密匙

steven:~ admin$ ssh-keygen           //客戶端生成秘鑰
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/admin/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):      //直接回車 不輸入密碼
Enter same passphrase again:                            //回車
Your identification has been saved in /Users/admin/.ssh/id_rsa.
Your public key has been saved in /Users/admin/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:SB3UMdOY71AEGnsjlLRPMkdxCTjrUR07pXbUAkBQ9I8 admin@steven.local
The key's randomart image is:
+---[RSA 2048]----+
|       oBO&%=+o. |
|       o+B====. .|
|      . O+=o* .. |
|     . .oO.o.=   |
|      ..S..oE .  |
|        .   .    |
|                 |
|                 |
|                 |
+----[SHA256]-----+

steven:.ssh admin$ ls /Users/admin/.ssh/

id_dsa id_dsa.pub id_rsa id_rsa.pub known_hosts  帶.pub的就是公鑰的文件

1.2 發布公鑰，使用ssh-copy-id 命令將客戶端生成的公鑰發布到服務器地址上，並使用-i參數指定公鑰的存放位置。

steven:.ssh admin$ ssh-copy-id -i /Users/admin/.ssh/id_rsa.pub root@120.0.1.300 -p**0，有端口號的要指定端口號

steven:.ssh admin$ ssh-copy-id -i /Users/admin/.ssh/id_rsa.pub root@***.*.*.**4 -p3***
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/admin/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@*.*.**.*'s password: 

Number of key(s) added:        1

Now try logging into the machine, with:   "ssh -p '***' 'root@***'"
and check to make sure that only the key(s) you wanted were added.

1.3 登錄服務器

steven:~ admin$ ssh root@**.**.** -p**
Last login: Fri Nov  2 22:13:41 2018 from 10.0.5.172
警告⚠️ 你所有的操作將被記錄
[root@localhost ~]#       //登錄成功
//配對成功后，服務器生成文件/root/.ssh/authorized_keys,如果是普通用戶，則在/home/用戶名/.ssh/authorized_keys里面.
[root@localhost .ssh]# cat /root/.ssh/authorized_keys