操作步骤:
1.主机A
生成公钥id_rsa.pub文件并导出该文件
root@mytest:~# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 7e:0f:dc:05:2e:d3:e0:24:c0:5f:fe:cf:e9:7a:f7:49 root@mytest The key's randomart image is: +--[ RSA 2048]----+ | .. | | .. . | | ..oo . | | .+.+ . | | S +.o . | | . . +.. | | . + .o E | | . o * o| | o+.oo| +-----------------+ root@mytest:~# sz /root/.ssh/id_rsa.pub
这步之后也可以通过以下步骤直接实现公钥认证(但是需要知道主机B用户danny的密码)
# ssh-copy-id -i /root/.ssh/id_rsa.pub danny@12.1.1.2 danny@12.1.1.2's password: //输入主机B用户danny的登录密码
2.主机B
得到id_rsa.pub文件,创建用户danny,并在该用户家目录创建.ssh文件夹和其文件下的远程认证文件authorized_keys
[root@B danny]# mkdir .ssh [root@B danny]# cd .ssh/ [root@B .ssh]# touch authorized_keys [root@B .ssh]# ls authorized_keys [root@B .ssh]# cat /home/danny/id_rsa.pub >authorized_keys
主机A登录主机B
root@mytest:/# ssh danny@IP_B