Solaris ssh配置主机间信任关系

假设需要配置从主机com00biiitf001登录主机ols00biiitf001时不需要密码，则采用以下步骤配置：

• com00biiitf001上产生公用/私有密钥对

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/export/home/jyu/.ssh/id_rsa):
Created directory '/export/home/jyu/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /export/home/jyu/.ssh/id_rsa.
Your public key has been saved in /export/home/jyu/.ssh/id_rsa.pub.
The key fingerprint is:
b0:89:f6:e5:4c:43:f1:9b:c4:ac:a7:d8:1d:98:67:4d jyu@com00biiitf001

• 在ols00biiitf001上建立.ssh目录

$ mkdir -p $HOME/.ssh
$ chmod 700 $HOME/.ssh
$ touch $HOME/.ssh/authorized_keys
$ chmod 600 $HOME/.ssh/authorized_keys

• 把com00biiitf001的公钥传到ols00biiitf001上

$ cat $HOME/.ssh/id_rsa.pub | ssh ols00biiitf001 'cat >> .ssh/authorized_keys && echo "Key uploaded successfully"'
The authenticity of host 'ols00biiitf001 (10.0.17.20)' can't be established.
RSA key fingerprint is 96:f2:60:e1:22:c8:54:ad:35:9c:3e:d1:51:a0:73:79.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ols00biiitf001,10.0.17.20' (RSA) to the list of known hosts.
|-----------------------------------------------------------------|
| This system is for the use of authorized users only.            |
| Individuals using this computer system without authority, or in |
| excess of their authority, are subject to having all of their   |
| activities on this system monitored and recorded by system      |
| personnel.                                                      |
|                                                                 |
| In the course of monitoring individuals improperly using this   |
| system, or in the course of system maintenance, the activities  |
| of authorized users may also be monitored.                      |
|                                                                 |
| Anyone using this system expressly consents to such monitoring  |
| and is advised that if such monitoring reveals possible         |
| evidence of criminal activity, system personnel may provide the |
| evidence of such monitoring to law enforcement officials.       |
|-----------------------------------------------------------------|
Password:
Key uploaded successfully

• 现在就可以从com00biiitf001直接登录到ols00biiitf001上

$ ssh jyu@ols00biiitf001