通過linux一台服務生成密鑰,並發送給另外一個linux服務器,實現密鑰認證方式訪問服務器。
服務器A:
1、輸入:ssh-keygen 一路回車,生成如下:
[alice@caowl130 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/alice/.ssh/id_rsa):
Created directory '/home/alice/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/alice/.ssh/id_rsa.
Your public key has been saved in /home/alice/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:/D4MLSKErL1nLzyA8GZIExNRTTMNfpAp/Q8oxnqwd2k alice@caowl130
The key's randomart image is:
+---[RSA 2048]----+
| o+.+*= |
| o ..=+. |
| .+...o. |
|.+o+...+ |
|o**.. . S. |
|+o*o.E. oo. |
| oo+o. . +. |
| . * .o |
| o +. .. |
+----[SHA256]-----+
2、當前目錄下面會生成一 .ssh 的目錄,里面包含了密鑰,需要將該密鑰發送給想要連接的服務器上。
使用命令:ssh-copy-id 192.168.153.129,輸入密碼。添加成功。
[alice@caowl130 ~]$ ssh-copy-id 192.168.153.129
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/alice/.ssh/id_rsa.pub"
The authenticity of host '192.168.153.129 (192.168.153.129)' can't be established.
ECDSA key fingerprint is SHA256:mO5piEGc2NFFYxyMvxPVYwSHebQU1je35Am1JlDgIhw.
ECDSA key fingerprint is MD5:f8:b3:54:11:2e:54:e1:f7:4a:e7:a1:2a:1e:15:fa:10.
Are you sure you want to continue connecting (yes/no)? yes
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
alice@192.168.153.129's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.153.129'"
and check to make sure that only the key(s) you wanted were added.