原文链接:https://blog.csdn.net/u014721096/article/details/78553032
一 客户端是linux
1.在客户端生成密钥对
[root@localhost ~]# ssh-keygen -t rsa <== 建立密钥对,-t代表类型,有RSA和DSA两种
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): <==密钥文件默认存放位置,按Enter即可
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): <== 输入密钥锁码,或直接按 Enter 留空
Enter same passphrase again: <== 再输入一遍密钥锁码
Your identification has been saved in /root/.ssh/id_rsa. <== 生成的私钥
Your public key has been saved in /root/.ssh/id_rsa.pub. <== 生成的公钥
The key fingerprint is:
SHA256:K1qy928tkk1FUuzQtlZK+poeS67vIgPvHw9lQ+KNuZ4 root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
| +. |
| o * . |
| . .O + |
| . *. * |
| S =+ |
| . =... |
| .oo =+o+ |
| ==o+B*o. |
| oo.=EXO. |
+----[SHA256]-----+
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
密钥锁码在使用私钥时必须输入,这样就可以保护私钥不被盗用。当然,也可以留空,实现无密码登录,这里密钥锁码设置为空。完成上述步骤后,在 root 用户的家目录中生成了一个 .ssh 的隐藏目录,内含两个密钥文件,其中id_rsa 为私钥,id_rsa.pub 为公钥。
2.把公钥传输至远程服务器
这里的远程服务器是172.16.8.11
[root@localhost ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.8.11
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '172.16.8.11 (172.16.8.11)' can't be established.
ECDSA key fingerprint is SHA256:IpS8Vw0F/Yxece36yQ9KhoIuxHFjSi/Ect/WHGxw//k.
ECDSA key fingerprint is MD5:03:85:10:9a:21:75:d6:f1:7a:6e:fd:a8:08:c5:ef:59.
Are you sure you want to continue connecting (yes/no)? yes <== 是否继续连接,回答为yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@172.16.8.11's password: <==输入远程主机的密码
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@172.16.8.11'"
and check to make sure that only the key(s) you wanted were added.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
3.测试
[root@localhost ~]# ssh 172.16.8.11
1
2
可以看出,无需输入密码即可直接登录
二,客户端为Windows
这里使用xshell来生成密钥对
1.在客户端生成密钥对
点击Xshell菜单栏的工具,选择新建用户密钥生成向导
2.复制生成的公钥到远程主机里面 ~/.ssh/authorized_keys 文件中。如果没有.ssh目录,需要自己建立一个,并更改目录权限为700
[root@localhost ~]# mkdir ~/.ssh
[root@localhost ~]# chmod 700 ~/.ssh/
[root@localhost ~]# vim ~/.ssh/authorized_keys
1
2
3
粘贴公钥的内容,保存退出
3.测试
用xshell新建一个窗口
点击连接即可实现无密码登录
————————————————
版权声明:本文为CSDN博主「独孤柯灵」的原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/u014721096/article/details/78553032