SSH免密登陆

来源：互联网发布：手机放电软件编辑：程序博客网时间：2024/05/01 05:21

SSH免密登陆

现在很多部署在Linux集群的软件系统都会涉及到ssh免密登陆，例如Oracle的Rac、Hadoop等，下面将简单介绍一下SSH的免密登陆
前期准备：VirtualBox软件，Ubuntu虚拟机2台（node,node1）
node:192.168.57.101
node1:192.168.57.103
现在想实现两个节点之间彼此的免密ssh登陆

生成rsa密钥

root@node:~# ssh-keygen -t rsa -P ”

参数P表示存在密码，可以在后面加自定义密码，我这里为了方便用的是-P ”空字符串表示密码为空，当然也可以不加P参数但是需要多回车两次，回车后就会在/root目录下生成ssh目录，如果你用的其他用户登陆如XX则会在/home/XX下生成.ssh目录，目录里有id_rsa和id_rsa.pub文件，这两个文件就是用来实现免密登陆的。

root@node:~# ssh-keygen -t rsa -P ''Generating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'.Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:SHA256:jxfmhN3Oofu0DzIbGv3mGBw6VgcX5YBnkp1XemeiqfY root@nodeThe key's randomart image is:+---[RSA 2048]----+|           +oo...||          + =+.. ||          .+..+ +||         o + o +.||        S B *    ||         @ O .   ||        * # =    ||       . * %.o   ||        . ++E..  |+----[SHA256]-----+

复制密钥

使用scp命令将生成的id_rsa.pub文件上传到node1指定目录

root@node:~# scp /root/.ssh/id_rsa.pub root@192.168.57.103:/root

由于目前没有实现免密登陆所以需要输入密码

The authenticity of host '192.168.57.103 (192.168.57.103)' can't be established.ECDSA key fingerprint is SHA256:+rYv2fdh3HngKOh1p/X1LTRHn66BW9jA8EPJO6vwiN8.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added '192.168.57.103' (ECDSA) to the list of known hosts.root@192.168.57.103's password: id_rsa.pub                                       100%  391     0.4KB/s   00:00

添加authorzied_keys

下一步将在node1把从node复制过来的id_rsa.pub文件添加到.ssh/authorzied_keys文件中
在node1端

root@node1:~# cat id_rsa.pub >> .ssh/authorized_keys

然后再给authorized_keys添加600的权限

root@node1:~# chmod 600 .ssh/authorized_keys

至此完成了ssh免密登陆的配置，测试一下成功，同理从node1免密登陆也是一样的

root@node:~# ssh 192.168.57.103Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.4.0-62-generic x86_64) * Documentation:  https://help.ubuntu.com * Management:     https://landscape.canonical.com * Support:        https://ubuntu.com/advantage8 个可升级软件包。8 个安全更新。Last login: Thu Jul  6 15:32:09 2017 from 192.168.57.1

阅读全文

0 0