[root@ceshi ~]# ssh-keygen -t dsa -f ~/.ssh/id_dsa -P ""
Generating public/private dsa key pair.
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
4d:01:91:98:be:02:89:ab:ce:63:4f:81:e3:ab:0b:f8 root@ceshi
The key's randomart image is:
+--[ DSA 1024]----+
| oo+. |
| o . . |
| . . . . |
|. + . o |
| + o .S . |
|+ . o . |
|+. . . |
|++o |
|*=E. |
+-----------------+
[root@ceshi ~]# ls ~/.ssh/
authorized_keys id_dsa id_dsa.pub known_hosts
命令说明:
ssh-keygen:生成密钥对命令
-t:指定密钥对的密码加密类型(rsa,dsa两种)
-f:指定密钥对文件的生成路径包含文件名
-P(大写):指定密钥对的密码
2. 免交户方式分发公钥
[root@ceshi ~]# sshpass -p "ssh登录密码" ssh-copy-id -i ~/.ssh/id_dsa.pub "-o StrictHostKeyChecking=no [email protected]"
Now try logging into the machine, with "ssh '-o StrictHostKeyChecking=no [email protected]'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@ceshi ~]#
命令说明:
sshpass:专为ssh连接服务的免交户工具
-p :指定登录的密码
ssh-copy-id:自动分发公钥的工具
-i:指定公钥路径
-o StrictHostKeyChecking=no :不进行对方主机信息的写入(第一次ssh连接会在know_hosts文件里记录)