You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1.4 KiB
1.4 KiB
title | date | categories | tags |
---|---|---|---|
SSH 免密认证 | 2020-09-28 | [devops] | [linux ssh] |
a. 安装ssh
sudo apt-get update
sudo apt-get install openssh-server
sudo apt-get install openssh-client
# 测试是否安装成功
ssh -l anxinyun 10.8.30.179
b. 修改配置
修改 /etc/ssh/sshd_config:
RSAAuthentication yes (启用RSA认证)
PubkeyAuthentication yes (启用公钥私钥配对认证)
AuthorizedKeysFile %h/.ssh/authorized_keys (公钥文件路径)
# 重启服务
service ssh restart
c. 配置密钥
# 生成密钥对
# ssh-keygen -t rsa -P ""
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
# 输出到authorized_keys文件
cat .ssh/id_rsa.pub >> .ssh/authorized_keys
# 设置authorized_keys权限
chmod 600 .ssh/authorized_keys
# 需要免密登录 哪台主机,就把公钥注册到哪台主机
# 复制 n1 公钥到 m1
scp anxinyun@10.8.30.179:/home/anxinyun/.ssh/id_rsa.pub .
# 追加到 authorized_keys
cat id_rsa.pub >> .ssh/authorized_keys
# 删除 n1 公钥
rm id_rsa.pub
# 在 n1、n2中重复上述命令
M1 远程登录免密
用xshell 用户密钥生成工具生成密钥对
把公钥追加到 .ssh/authorized_keys
私钥和密钥自己妥善保存
# 禁用ssh用户密码登录
修改 /etc/ssh/sshd_config:
PasswordAuthentication no