Paste_Image.png
1、生成key
ssh-keygen -t
ls
id_rsa id_rsa.pub
2、使当前主机也可以用刚才生成的key登陆
cat id_rsa.pub > /root/.ssh/authorized_keys
# ls /root/.ssh/
authorized_keys known_hosts
3、下载key
# sz id_rsa
4、修改ssh配置文件
# vim /etc/ssh/sshd_config
PubkeyAuthentication yes
AuthorizedKeysFile /root/.ssh/authorized_keys
PasswordAuthentication no /*禁止密码验证登录
5、重启ssh服务(非必要)
# service sshd restart
停止 sshd: [确定]
正在启动 sshd: [确定]
6、复制公钥到其他机器(104.5为目标机器)
# ssh-copy-id -i ./id_rsa root@192.168.104.5
root@192.168.104.5's password:
Now try logging into the machine, with "ssh 'root@192.168.104.5'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
7、登录验证
# ssh -i id_dsa root@192.168.104.5
Last login: Mon Dec 28 11:07:31 2015 from 192.168.104.1
[root@host-192-168-104-5 ~]#
8、批量拷贝到其他机器可以使用
ansible all -i ../iplist -m shell -a "mkdir /home/admin/.ssh" -u admin
ansible all -i ../iplist -m copy -a "src=./online_id_rsa.pub dest=/home/admin/.ssh/authorized_keys" -u admin
ansible all -i ../iplist -m shell -a "chmod 700 /home/admin/.ssh" -u admin
ansible all -i ../iplist -m shell -a "chmod 600 /home/admin/.ssh/authorized_keys" -u admin
网友评论