ssh无密码访问 2019-05-26

目标：

配置ssh无密码访问

准备：

-centos7

过程：

访问端：
一路回车就行了

[root@node1 ~]# ssh-keygen 
Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
06:ff:e6:43:43:fe:f6:3f:4a:9b:9c:17:21:dc:43:0d root@node1
The key's randomart image is:
+--[ RSA 2048]----+
|              E..|
|               ..|
|      .     . o  |
|       o  .  o + |
|        So    . o|
|       . .+    . |
|         .oo .  .|
|         o. = +o |
|          .o B+.o|
+-----------------+

将密钥发送至被访问端：

[root@node1 ~]# ssh-copy-id node2
The authenticity of host 'node2 (10.10.49.184)' can't be established.
ECDSA key fingerprint is bf:21:6b:73:46:09:4b:de:f0:a7:38:7f:d9:86:89:fc.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@node2's password: （被访问端密码）

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'node2'"
and check to make sure that only the key(s) you wanted were added.

检验：

[root@node1 ~]# ssh node2
Last login: Sun May 26 13:34:19 2019 from node1
[root@node2 ~]# 

附，ssh发送密钥过程：

将访问端/root/.ssh/id_rsa.pub中的密钥追加到被访问端的/root/.ssh/authorized_keys文件中。
访问端密钥：

[root@node1 ~]# cat /root/.ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDlyagW3N/T2gsOkrTb4s/8QgXOjGo9xPC7br/XqDQIAq9zGXJP/kbJcIhNzoZfgNQLZM5PP+y6mSpV0K1YelOcEV2gpYksQ5u3WXrtOfTpddBXr6I/eQRFxhBDEv6g+ysYQ+vfGFJVGlkNTqMjeD8oWH5R0A/o/lJJJCTBZy0SfydYXAlV40urqnpi8jt0gBvNse/Pdxd4vpZOHPadt/IHDTCbckP5ZoDXvQK4smMt8yzHC6o4QtRjeDANNWwU+B/H9RWxfURz7hryGB1lxZLmKHbc7MIYMkmJ/FGowMZJDQ1Wdma0I13c/n5z7P+XPLmMhliz332R9rN2fyzU5t17 root@node1

被访问端密钥：

[root@node2 ~]# cat /root/.ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDlyagW3N/T2gsOkrTb4s/8QgXOjGo9xPC7br/XqDQIAq9zGXJP/kbJcIhNzoZfgNQLZM5PP+y6mSpV0K1YelOcEV2gpYksQ5u3WXrtOfTpddBXr6I/eQRFxhBDEv6g+ysYQ+vfGFJVGlkNTqMjeD8oWH5R0A/o/lJJJCTBZy0SfydYXAlV40urqnpi8jt0gBvNse/Pdxd4vpZOHPadt/IHDTCbckP5ZoDXvQK4smMt8yzHC6o4QtRjeDANNWwU+B/H9RWxfURz7hryGB1lxZLmKHbc7MIYMkmJ/FGowMZJDQ1Wdma0I13c/n5z7P+XPLmMhliz332R9rN2fyzU5t17 root@node1

被访问端密钥文件权限：

[root@node2 ~]# ll /root/.ssh/authorized_keys 
-rw-------. 1 root root 392 May 26 13:41 /root/.ssh/authorized_keys

总结：

在某些特殊情况下，可以利用手动的方式来完成密钥的复制。