建立SSH信任
将A主机做为客户端(发起SSH请求 ip:192.168.0.25)
将B主机作为服务器端(接收ssh请求 ip:192.168.0.23)
以上以主动发起SSH登录请求的主机和接收请求的主机进行分类
<1>A主机生成公,私钥证书
[root@locala .ssh]# ssh-keygen -t rsa #rsa算法的证书
Generating public/private rsa key pair. (以下一路回车)
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y (因为我的证书已存在,覆盖即可)
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa. (私钥)
Your public key has been saved in /root/.ssh/id_rsa.pub. (公钥)
The key fingerprint is:
fc:c1:c4:d5:d1:e8:18:ad:fe:7d:30:17:00:32:99:8d.
证书就生成了 id_rsa (私钥)|& id_rsa.pub (公钥)
<2>将A主机生成的公钥传递给B主机
[root@locala .ssh]#scp id_rsa.pub 192.168.0.23:/root/.ssh/
在B主机上将A的公钥更名为
[root@localb .ssh]#mv id_rsa.pub authorized_keys
<3>至此从A主机远程SSH B主机的工作即告完成
[root@locala .ssh]#ssh user@192.168.0.23
如果无需输入密码,则表示配置免登录成功。
* 如果仍需要输入密码,则可能是.ssh目录和文件权限需要修改。