第一種配置方法
服務端生成密鑰和公鑰
ssh-keygen -t rsa
Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): #注意這里,如果設置了密碼,那么登陸的時候也要輸入這個密碼 Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:/gGrlDJN5euMS5aai5feBkEI/0WjEnzPzx1xGtdkKG4 root@localhost.localdomain The key's randomart image is: +---[RSA 2048]----+ |.o.. o +o | | .o.oo . + +.. | | oo.o. .. B | | o..oo E | | ...oSo . | | .o +o+. | | ooB + . | | .oX.= . . | | .o=o=.o . | +----[SHA256]-----+
創建authorized_keys存儲公鑰
touch /root/.ssh/authorized_keys
把公鑰寫入authorized_key
cat id_rsa.pub > authorized_keys
修改權限
chmod 700 /root/.ssh
chmod 600 /root/.ssh/authorized_keys
修改/etc/ssh/sshd_config
RSAAuthentication yes # 開啟密鑰登入的認證方式
PubkeyAuthentication yes # 開啟密鑰登入的認證方式
PasswordAuthentication no #禁用密碼登陸
重啟sshd,然后建議用xshell登陸測試
Linux系統密鑰登陸Linux
ssh root@192.168.199.2
第二種配置方式
Linux系統之間的密鑰配置(此配置方式也要在ssh文件里面開啟密鑰認證方式)
ssh-keygen #生成密鑰 ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.28.128 #復制公鑰到要遠程的主機,本機也要執行 ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.28.131 ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.28.132
注意權限問題:
./ 700
.ssh 700
authorized_keys 600