2. 软件开发
    3. 配置ssh无密码访问(免登录)

    配置ssh无密码访问(免登录)

    xiaoxiao2025-09-29  40

    目标:

    配置ssh无密码访问 node2节点可以不使用密码,就能登录node1

    过程:

    被访问端,输入命令生成密钥:

    [root@10 ~]# ssh-keygen

    一路回车就行了

    [root@node1 ~]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 06:ff:e6:43:43:fe:f6:3f:4a:9b:9c:17:21:dc:43:0d root@node1 The key's randomart image is: +--[ RSA 2048]----+ | E..| | ..| | . . o | | o . o + | | So . o| | . .+ . | | .oo . .| | o. = +o | | .o B+.o| +-----------------+

    将密钥发送至访问端,使用命令:

    [root@10 ~]# ssh-copy-id 10.0.0.5 [root@node1 ~]# ssh-copy-id node2 The authenticity of host 'node2 (10.10.49.184)' can't be established. ECDSA key fingerprint is bf:21:6b:73:46:09:4b:de:f0:a7:38:7f:d9:86:89:fc. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@node2's password: (此处输入被访问端密码) Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'node2'" and check to make sure that only the key(s) you wanted were added.

    检验:

    [root@node1 ~]# ssh node2 Last login: Sun May 26 13:34:19 2019 from node1 [root@node2 ~]#

    附,ssh发送密钥过程:

    可用scp命令代替:

    [root@10 ~]# scp /root/.ssh/id_rsa.pub 10.0.0.5:/root/.ssh/authorized_keys

    访问端密钥:

    [root@node1 ~]# cat /root/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDlyagW3N/T2gsOkrTb4s/8QgXOjGo9xPC7br/XqDQIAq9zGXJP/kbJcIhNzoZfgNQLZM5PP+y6mSpV0K1YelOcEV2gpYksQ5u3WXrtOfTpddBXr6I/eQRFxhBDEv6g+ysYQ+vfGFJVGlkNTqMjeD8oWH5R0A/o/lJJJCTBZy0SfydYXAlV40urqnpi8jt0gBvNse/Pdxd4vpZOHPadt/IHDTCbckP5ZoDXvQK4smMt8yzHC6o4QtRjeDANNWwU+B/H9RWxfURz7hryGB1lxZLmKHbc7MIYMkmJ/FGowMZJDQ1Wdma0I13c/n5z7P+XPLmMhliz332R9rN2fyzU5t17 root@node1

    被访问端密钥:

    [root@node2 ~]# cat /root/.ssh/authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDlyagW3N/T2gsOkrTb4s/8QgXOjGo9xPC7br/XqDQIAq9zGXJP/kbJcIhNzoZfgNQLZM5PP+y6mSpV0K1YelOcEV2gpYksQ5u3WXrtOfTpddBXr6I/eQRFxhBDEv6g+ysYQ+vfGFJVGlkNTqMjeD8oWH5R0A/o/lJJJCTBZy0SfydYXAlV40urqnpi8jt0gBvNse/Pdxd4vpZOHPadt/IHDTCbckP5ZoDXvQK4smMt8yzHC6o4QtRjeDANNWwU+B/H9RWxfURz7hryGB1lxZLmKHbc7MIYMkmJ/FGowMZJDQ1Wdma0I13c/n5z7P+XPLmMhliz332R9rN2fyzU5t17 root@node1

    被访问端密钥文件权限:

    [root@node2 ~]# ll /root/.ssh/authorized_keys -rw-------. 1 root root 392 May 26 13:41 /root/.ssh/authorized_keys

    总结:

    在某些特殊情况下,可以利用手动的方式来完成密钥的复制。

    最新回复(0)