ssh远程登录

ssh root@192.168.124.128

密钥登录：
1)、ssh-keygen 生成公钥和私钥
[root@rhel5 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
4c:f2:c4:14:67:15:ef:5e:1e:43:44:94:45:ae:1a:cf root@rhel5

第二次生成
[root@rhel5 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
9b:10:05:52:3e:67:a9:30:cd:84:28:36:85:c1:d6:0f root@rhel5

2)、把客户端公钥(id_rsa.pub)传给服务器：
[root@rhel5 .ssh]# ssh-copy-id -i id_rsa.pub 192.168.124.129
10
root@192.168.124.129's password:
Permission denied, please try again.
root@192.168.124.129's password:
Now try logging into the machine, with "ssh '192.168.124.129'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

公钥在服务器上的位置
[root@localhost .ssh]# ll
total 8
-rw------- 1 root root 392 Jun 20 23:47 authorized_keys //公钥被改名为authorized_keys，以后服务器就用它加密传输数据给客户端，客户端使用私钥--钥匙来做验证 能解开 ---->验证通过 解不开 ---->不是合法用户
-rw-r--r-- 1 root root 794 Jun 20 22:43 known_hosts

3)、无密码登录、无密码数据传输：
[root@rhel5 .ssh]#
[root@rhel5 .ssh]# ssh root@192.168.124.129
Last login: Wed Jun 20 22:44:09 2012 from 192.168.124.129
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]#

实现无密码往回拽数据：
[root@rhel5 ~]# rm -rf log.tar.gz
[root@rhel5 ~]# rsync root@192.168.124.129:/tmp/log.tar.gz ./
[root@rhel5 ~]# ll
total 96
-rw------- 1 root root 1427 Jun 18 09:53 anaconda-ks.cfg
-rw-r--r-- 1 root root 26586 Jun 18 09:52 install.log
-rw-r--r-- 1 root root 3671 Jun 18 09:50 install.log.syslog
-rw-r--r-- 1 root root 9188 Jun 21 14:40 log.tar.gz
-rw-r--r-- 1 root root 26586 Jun 21 13:47 root@192.168.124.129
------------------------------------------------------------------

[root@rhel5 ~]# rm -rf log.tar.gz
[root@rhel5 ~]# scp root@192.168.124.129:/tmp/log.tar.gz ./
log.tar.gz 100% 9188 9.0KB/s 00:00
[root@rhel5 ~]# ll
total 96
-rw------- 1 root root 1427 Jun 18 09:53 anaconda-ks.cfg
-rw-r--r-- 1 root root 26586 Jun 18 09:52 install.log
-rw-r--r-- 1 root root 3671 Jun 18 09:50 install.log.syslog
-rw-r--r-- 1 root root 9188 Jun 21 14:38 log.tar.gz
-rw-r--r-- 1 root root 26586 Jun 21 13:47 root@192.168.124.129

口令登录：输入密码登录

远程传输是建立在远程登录之后的，登录一次---建立连接之后 开始传输数据
网上银行下载的证书：就是公钥---锁