首先,说明一下我们要做的是,serverA 服务器的 usera 用户免密码登录 serverB 服务器的 userb用户。 我们先使用usera 登录 serverA 服务器
同理 本地电脑登录服务器
//首先登录a服务器,然后生成密钥对 [usera@serverA ~]$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/usera/.ssh/id_rsa): Created directory '/home/usera/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/usera/.ssh/id_rsa. Your public key has been saved in /home/usera/.ssh/id_rsa.pub. The key fingerprint is: 39:f2:fc:70:ef:e9:bd:05:40:6e:64:b0:99:56:6e:01 usera@serverA The key's randomart image is: +--[ RSA 2048]----+ | Eo* | | @ . | | = * | | o o . | | . S . | | + . . | | + . .| | + . o . | | .o= o. | +-----------------+
根目录下,查看生成的密匙对
[usera@serverA ~]$ ls -la .ssh 总用量 16 drwx------ 2 usera usera 4096 8月 24 09:22 . drwxrwx--- 12 usera usera 4096 8月 24 09:22 .. -rw------- 1 usera usera 1675 8月 24 09:22 id_rsa -rw-r--r-- 1 usera usera 399 8月 24 09:22 id_rsa.pub
[usera@portalweb1 ~]$ ssh-copy-id userb@10.124.84.20 The authenticity of host '10.124.84.20 (10.124.84.20)' can't be established. RSA key fingerprint is f0:1c:05:40:d3:71:31:61:b6:ad:7c:c2:f0:85:3c:cf. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.124.84.20' (RSA) to the list of known hosts. userb@10.124.84.29's password: Now try logging into the machine, with "ssh 'userb@10.124.84.20'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.
这个时候usera的公钥文件内容会追加写入到userb的 .ssh/authorized_keys 文件中
//查看a服务器的id_rsa.pub [usera@serverA ~]$ cat .ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2dpxfvifkpswsbusPCUWReD/mfTWpDEErHLWAxnixGiXLvHuS9QNavepZoCvpbZWHade88KLPkr5XEv6M5RscHXxmxJ1IE5vBLrrS0NDJf8AjCLQpTDguyerpLybONRFFTqGXAc/ximMbyHeCtI0vnuJlvET0pprj7bqmMXr/2lNlhIfxkZCxgZZQHgqyBQqk/RQweuYAiuMvuiM8Ssk/rdG8hL/n0eXjh9JV8H17od4htNfKv5+zRfbKi5vfsetfFN49Q4xa7SB9o7z6sCvrHjCMW3gbzZGYUPsj0WKQDTW2uN0nH4UgQo7JfyILRVZtwIm7P6YgsI7vma/vRP0aw== usera@serverA
//查看b服务器的authorized_keys,相同表示ok [userb@serverB ~]$ cat .ssh/authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2dpxfvifkpswsbusPCUWReD/mfTWpDEErHLWAxnixGiXLvHuS9QNavepZoCvpbZWHade88KLPkr5XEv6M5RscHXxmxJ1IE5vBLrrS0NDJf8AjCLQpTDguyerpLybONRFFTqGXAc/ximMbyHeCtI0vnuJlvET0pprj7bqmMXr/2lNlhIfxkZCxgZZQHgqyBQqk/RQweuYAiuMvuiM8Ssk/rdG8hL/n0eXjh9JV8H17od4htNfKv5+zRfbKi5vfsetfFN49Q4xa7SB9o7z6sCvrHjCMW3gbzZGYUPsj0WKQDTW2uN0nH4UgQo7JfyILRVZtwIm7P6YgsI7vma/vRP0aw== usera@serverA
另外我们要注意b服务器,.ssh目录的权限为700,其下文件authorized_keys和私钥的权限为600。否则会因为权限问题导致无法免密码登录。我们可以看到登陆后会有known_hosts文件生成。
以后就可以免密码登录服务器b了
[usera@serverA ~]$ ssh userb@10.124.84.25
----------------------review-------------------
//其实也就两步 //生成密匙对 ssh-keygen -t rsa //复制id_rsa.pub到服务器 ssh-copy-id 用户名@ip
----------------------github免密码-------------------
//cd 仓库dir cd .git vim config
// 修改url地址为ssh方式
[core]
repositoryformatversion = 0
filemode = false
bare = false
logallrefupdates = true
symlinks = false
ignorecase = true
hideDotFiles = dotGitOnly
[remote "origin"]
url = git@github.com:dongsongshan/dongsongshan.github.io
fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
remote = origin
merge = refs/heads/master
----------------------review 2018-4-12 -------------------
本地电脑免密码登录服务器
查看是否存在id_ras和id_ras.pub两个文件(~/.ssh/)
有的话直接用ssh-copy-id 用户名@ip
09 Aug 2017