ssh免密登录

1、配置ssh免密登录

两台：

10-1-1-161
10-1-1-8

要实现10.1.1.161 免密登录 10.1.1.8

一键产生非交互的密钥对

[root@oracledb ~]# ssh-keygen -t rsa -f /root/.ssh/id_rsa -P ""

Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:5hsmlVOgHKM8E0vmJ/Thc97k4ukaxUGK/8ZUs1V7vQE root@host-10-1-1-8
The key's randomart image is:
+---[RSA 2048]----+
| = + o E. |
| * O B . ....|
| X O o = . ..o|
| * = O + .o|
| . S + . |
| X + |
| o X |
| * o |
| ..o |
+----[SHA256]-----+

[root@host-10-1-1-8 ssh]# ls /root/.ssh/
id_rsa id_rsa.pub



将公钥(id_rsa.pub)拷贝到10.1.1.8的机器上:

[root@host-10-1-1-161 .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.1.1.8

本机也要操作：

cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

chmod 600 /root/.ssh/authorized_keys



2、报错解决：

2.1、ssh拷贝秘钥报错解决：

报出下面错误，各种方法都试过，都不管用，后来发现 /root/.ssh 目录下多了一个文件 config 删除即可，请看下面操作：

unix_listener: cannot bind to path: /root/.ssh/sockets/root@192.168.0.92-22.Lh6rQMayvvRFfued

[root@test1 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.92
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.0.92's password: 
bind: No such file or directory
unix_listener: cannot bind to path: /root/.ssh/sockets/root@192.168.0.92-22.Lh6rQMayvvRFfued


[root@test1 ~]# cd /root/.ssh
[root@test1 .ssh]# 
[root@test1 .ssh]# ls
authorized_keys  config  id_rsa  id_rsa.pub  known_hosts
[root@test1 .ssh]# 
[root@test1 .ssh]# rm -rf config

[root@test1 .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.92
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.0.92's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.0.92'"
and check to make sure that only the key(s) you wanted were added.

拷贝秘钥成功

    
参照文档ansible篇：

https://www.cnblogs.com/effortsing/p/10012079.html