A机添加B机ssh信任
# B机执行
ssh-keygen -t rsa
一路回车
cat /root/.ssh/idrsa.pub
# A机执行
vim /root/.ssh/authorized_keys
将B机的pub信息加入
ssh
ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa -q -b 2048 -C "test@ppabc.cn"
ssh无密码认证 RSA
ssh-keygen -t rsa
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
ssh无密码认证 DSA
ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
查看生产的密匙
cat ~/.ssh/id_dsa
用ssh -v 显示详细的登陆信息查找原因:
ssh -v localhost
拷贝本地生产的key到远程服务器端(两种方法)
- 方法1
cat ~/.ssh/id_dsa.pub | ssh 远程用户名@远程服务器ip 'cat - >> ~/.ssh/authorized_keys'
scp ~/.ssh/id_dsa.pub username@远程机器IP:/userhome/.ssh/authorized_keys
ssh-copy-id -i /root/.ssh/id_dsa.pub root@192.168.1.2
- 方法2
scp ~/.ssh/id_dsa.pub test@10.0.0.1:/home/test/
##登陆远程服务器test@10.0.0.1 后执行:
cat /home/test/id_dsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
ssh密钥分发脚本
#!/bin/sh
read -p "输入远端服务器IP: " ip
##ssh-copy-id -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa.pub root@$ip
ssh-copy-id -i ~/.ssh/id_rsa.pub root@$ip
ssh root@$ip 'sed -i "s/^#RSAAuthentication\ yes/RSAAuthentication\ yes/g" /etc/ssh/sshd_config'
ssh root@$ip 'sed -i "s/^#PubkeyAuthentication\ yes/PubkeyAuthentication yes/g" /etc/ssh/sshd_config'
ssh root@$ip 'sed -i "s/^#PermitRootLogin\ yes/PermitRootLogin\ yes/g" /etc/ssh/sshd_config'
ssh root@$ip 'service sshd restart'
hostname=`ssh root@${ip} 'hostname'`
echo "添加主机名和IP到本地/etc/hosts文件中"
echo "$ip $hostname" >> /etc/hosts
echo "远端主机主机名称为$hostname, 请查看 /etc/hosts 确保该主机名和IP添加到主机列表文件中"
Footer
© 2022 GitHub, Inc.
Footer navigation
Terms
Privacy
Security
Status
Docs
