运维经–目录

ssh免密登录授信

1.应用场景
A主机经常登录B主机，又不想每次都输入密码。那么可以使用登录授信方式。

2.生成秘钥对

(base) frank@deepin:~/.ssh$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/frank/.ssh/id_rsa): 
/home/frank/.ssh/id_rsa already exists.
Overwrite (y/n)? 
(base) frank@deepin:~/.ssh$ ll
总用量 12
-rw------- 1 frank frank 1679 1月  22 12:05 id_rsa
-rw-r--r-- 1 frank frank  394 1月  22 12:05 id_rsa.pub
-rw-r--r-- 1 frank frank  222 1月  13 14:32 known_hosts
(base) frank@deepin:~/.ssh$

id_rsa # 秘钥
id_rsa.pub # 公钥

3.下发公钥

(base) frank@deepin:~/.ssh$ ssh-copy-id -i id_rsa.pub [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: WARNING: All keys were skipped because they already exist on the remote system.
		(if you think this is a mistake, you may want to use -f option)

4.手动安装公钥
将A主机的~/.ssh/id_rsa.pub公钥文本内容，手动复制到B主机的~/.ssh/authorized_keys文件中

5.免密登录B主机

ssh [email protected]

不需要输入密码