演示从172.16.10.172免密登录到172.16.101.73
两台服务器的hostname
- 172.16.10.172 master
- 172.16.10.173 node1
- 在172.16.10.172 生成rsa公私钥
必须在用户目录下的.ssh目录下生成公私钥
如果用root用户登录的话,那么目录应用为/root/.ssh
[root@docker01 /]# cd /root/.ssh/
[root@docker01 .ssh]#
执行以下命令, 一直按Enter直到生成完成
sh-keygen -t rsa
生成完成后,/root/.ssh目录下会有两个文件id_rsa、id_rsa.pub
- id_rsa 私钥
- id_rsa.pub 公钥
[root@docker01 .ssh]# ls
id_rsa id_rsa.pub known_hosts
- 把公钥复制到需要免密登录的服务器上172.16.10.173
在/root.ssh目录下复制id_rsa.pub
[root@docker01 .ssh]# scp ./id_rsa.pub root@172.16.10.173:/root/.ssh/auth_key_master.pub
The authenticity of host '172.16.10.173 (172.16.10.173)' can't be established.
ECDSA key fingerprint is 85:5b:d9:7e:01:b3:fa:1c:72:80:6b:c8:15:73:82:b6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.10.173' (ECDSA) to the list of known hosts.
root@172.16.10.173's password:
id_rsa.pub 100% 405 0.4KB/s 00:00
[root@docker01 .ssh]#
id_rsa.pub 传过去后改了一个名字 auth_key_master.pub
- 在172.16.10.173服务器上把auth_key_master.pub公钥内容进行公钥合并
查看公钥
[root@docker01 ~]# cd /root/.ssh/
[root@docker01 .ssh]# ls
auth_key_master.pub id_rsa id_rsa.pub known_hosts
执行合并
[root@docker01 .ssh]# cat auth_key_master.pub >> authorized_keys
# 说明:如果authorized_keys不存在就会自动创建,如果存在就会追加
- 验证免密登录
在172.16.10.172上输入ssh root@172.16.10.173
[root@docker01 .ssh]# ssh root@172.16.10.173
Last login: Tue Nov 6 14:27:44 2018 from 192.168.10.103
登录成功
网友评论