Configuring Passwordless SSH on Linux

Source: Internet  Published by: SEO outsourcing company  Editor: 程序博客网  Time: 2024/05/22 13:00
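This article describes how to configure SSH trust on Linux. The purpose of SSH trust is that you no longer have to enter a password when you SSH to the target machine.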


Environment: two Linux machines with hostnames db2a and db2b and IP addresses 192.168.187.141 and 192.168.187.142 respectively; both have a user named qingsong.
$ cat /etc/hosts
127.0.0.1       localhost
192.168.187.141 db2a
192.168.187.142 db2b

Steps:

1. Before SSH trust is configured, every SSH connection from db2a to db2b asks for a password:
qingsong@db2a:~$ ssh db2b
The authenticity of host 'db2b (192.168.187.142)' can't be established.
ECDSA key fingerprint is f2:94:73:e7:8e:6c:c4:50:aa:54:9c:15:57:61:bb:e6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'db2b,192.168.187.142' (ECDSA) to the list of known hosts.
qingsong@db2b's password: <-- enter the password
Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 4.4.0-31-generic x86_64)

 * Documentation:  https://help.ubuntu.com/
New release '16.04.2 LTS' available.
Run 'do-release-upgrade' to upgrade to it.

Last login: Sat Jun 24 07:57:47 2017 from 192.168.187.1
qingsong@db2b:~$  <-- login succeeds after the password is entered

qingsong@db2b:~$ exit
logout
Connection to db2b closed.

qingsong@db2a:~$ ssh db2b
qingsong@db2b's password: <-- enter the password
Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 4.4.0-31-generic x86_64)

 * Documentation:  https://help.ubuntu.com/
New release '16.04.2 LTS' available.
Run 'do-release-upgrade' to upgrade to it.

Last login: Sat Jun 24 08:03:34 2017 from db2a


2. Configure SSH trust

Check whether the home directory contains a folder named '.ssh'; if it does not, create one. The commands run on the two machines are the same:

On db2a:
qingsong@db2a:~$ cd .ssh

qingsong@db2a:~/.ssh$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/qingsong/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/qingsong/.ssh/id_rsa.
Your public key has been saved in /home/qingsong/.ssh/id_rsa.pub.
The key fingerprint is:
a6:58:05:69:29:0c:a6:a3:ec:3d:54:2f:0a:b9:12:28 qingsong@db2a
The key's randomart image is:
+--[ RSA 2048]----+
|  oo  .o         |
| o  o +.         |
|o    +  .        |
|+.. . ..         |
|E+ . ...S        |
|o.= .o.o         |
|.o +. .          |
|.   .            |
|                 |
+-----------------+

qingsong@db2a:~/.ssh$ ls
id_rsa  id_rsa.pub  known_hosts

qingsong@db2a:~/.ssh$ touch authorized_keys

qingsong@db2a:~/.ssh$ chmod 600 authorized_keys

On db2b:
qingsong@db2b:~$ cd .ssh
qingsong@db2b:~/.ssh$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/qingsong/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/qingsong/.ssh/id_rsa.
Your public key has been saved in /home/qingsong/.ssh/id_rsa.pub.
The key fingerprint is:
76:1a:39:eb:97:9b:31:28:ab:06:1f:ef:e9:7a:35:49 qingsong@db2b
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|                 |
|        E.       |
|       .S..      |
|  . .  .+B       |
|   o o..+.o.     |
|    o o=  o+     |
|   .o*= ..o.     |
+-----------------+
qingsong@db2b:~/.ssh$ ls
id_rsa  id_rsa.pub

qingsong@db2b:~/.ssh$ touch authorized_keys

qingsong@db2b:~/.ssh$ chmod 600 authorized_keys

At this point, appending the contents of id_rsa.pub on db2a to the authorized_keys file on db2b is all that is needed for user qingsong to SSH from db2a to db2b without entering a password:

On db2a:
qingsong@db2a:~/.ssh$ cat id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsI4m6nTRdaxviBLN9L8DONFj6Y3WUNzBgJsYKNfDfA/y+6ofF5eUgka2cJYeq06/0f+k7OeC4nJZL+pdcG5Syu20berO1KbIqE6hAZ8eUgbaoteR2/v1eySphV/kcus7NBOw611CKMLD1Q9sWLDsHqtZIlUdlnAX8EMAkwJImBuyLPYesOu/mejn6U474TUMS5WxfXpcoBPDTFvarZWLE2yhg6t//WDiuuileXtP+9T/zWBDyZmJSmc+EhnwvHqjCyylrRHHkks1B3ufYtzBM1HGt/MJKcOitkGshLJFHXam+ovNLU8D46RymZmOJOMMxxEIHMvzgz29URvYCRHsb qingsong@db2a

On db2b:
qingsong@db2b:~/.ssh$ echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsI4m6nTRdaxviBLN9L8DONFj6Y3WUNzBgJsYKNfDfA/y+6ofF5eUgka2cJYeq06/0f+k7OeC4nJZL+pdcG5Syu20berO1KbIqE6hAZ8eUgbaoteR2/v1eySphV/kcus7NBOw611CKMLD1Q9sWLDsHqtZIlUdlnAX8EMAkwJImBuyLPYesOu/mejn6U474TUMS5WxfXpcoBPDTFvarZWLE2yhg6t//WDiuuileXtP+9T/zWBDyZmJSmc+EhnwvHqjCyylrRHHkks1B3ufYtzBM1HGt/MJKcOitkGshLJFHXam+ovNLU8D46RymZmOJOMMxxEIHMvzgz29URvYCRHsb qingsong@db2a" >> authorized_keys 

On db2a:
qingsong@db2a:~/.ssh$ ssh db2b
Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 4.4.0-31-generic x86_64)

 * Documentation:  https://help.ubuntu.com/
New release '16.04.2 LTS' available.
Run 'do-release-upgrade' to upgrade to it.

Last login: Sat Jun 24 08:05:16 2017 from db2a

As you can see, SSH to db2b no longer asks for a password.

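Likewise,

to let user qingsong SSH from db2b to db2a without a password, just append the contents of id_rsa.pub on db2b to authorized_keys on db2a;

to SSH to the local machine without a password (for example db2a to db2a), just append the contents of your own id_rsa.pub to your own authorized_keys.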

Once passwordless login has been configured in both directions, you can test it:

db2a to itself:
qingsong@db2a:~/.ssh$ ssh db2a date
Sat Jun 24 08:37:01 PDT 2017

db2a to db2b:
qingsong@db2a:~/.ssh$ ssh db2b date
Sat Jun 24 08:37:06 PDT 2017

db2b to itself:
qingsong@db2b:~/.ssh$ ssh db2b date
Sat Jun 24 08:37:27 PDT 2017

db2b to db2a:
qingsong@db2b:~/.ssh$ ssh db2a date
Sat Jun 24 08:37:33 PDT 2017
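
The "append id_rsa.pub to authorized_keys" step above, written as a repeatable shell function. This is an added example, not part of the original post; the function name install_pubkey and its arguments are hypothetical. It rejects anything that is not a single OpenSSH public key line, sets the permissions sshd expects, and does not append a key that is already authorized.

```shell
#!/bin/sh
# Added example (not from the original post). install_pubkey is a hypothetical
# helper. Usage: install_pubkey PUBKEY_FILE [TARGET_HOME]
install_pubkey() {
    pubfile=$1
    sshdir=${2:-$HOME}/.ssh
    auth=$sshdir/authorized_keys

    # A public key file holds one line: "<type> <base64> [comment]".
    key=$(grep -v '^[[:space:]]*$' "$pubfile" 2>/dev/null | head -n 1)
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-nistp*\ *) ;;
        *) echo "not an OpenSSH public key: $pubfile" >&2; return 1 ;;
    esac
    keytype=${key%% *}
    blob=$(printf '%s\n' "$key" | awk '{ print $2 }')
    case $blob in
        ''|*[!A-Za-z0-9+/=]*) echo "malformed key data: $pubfile" >&2; return 1 ;;
    esac

    # With StrictModes (the sshd default) the key file is ignored when the
    # directory or file is writable by group or others, so set modes explicitly.
    mkdir -p "$sshdir" && chmod 700 "$sshdir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Compare key type and key data only, so the same key with a different
    # comment (or behind an options prefix) is not appended a second time.
    if awk -v t="$keytype" -v b="$blob" '
           { for (i = 1; i < NF; i++) if ($i == t && $(i + 1) == b) found = 1 }
           END { exit !found }' "$auth"; then
        echo "key already present in $auth"
        return 0
    fi
    printf '%s\n' "$key" >> "$auth"
    echo "key added to $auth"
}
```

On db2b this would be called as install_pubkey /path/to/db2a_id_rsa.pub after copying the public key file over; the ssh-copy-id tool shipped with OpenSSH performs the same append across the network.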