SSH在其他服务器上添加信任秘钥

一、centos系统

[root@kht151 zoneinfo]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:GNZUKGru5TwlLi59ToR+uObeq/CBPjeQL7acjaVNqxw root@kht151
The key's randomart image is:
+---[RSA 2048]----+
|        .o.      |
|      .o.        |
|     .o..        |
|    oo o         |
|   +. o S        |
|  oo.oo .        |
|  E=*=oo         |
| +=%OB*          |
| .X%@*+o         |
+----[SHA256]-----+
[root@kht151 ~]# for i in kht151 kht152;do ssh-copy-id -i .ssh/id_rsa.pub $i;done
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub"
The authenticity of host 'kht151 (192.168.2.151)' can't be established.
ECDSA key fingerprint is SHA256:ETrT47WngKUihzAZMulgqLliS2td/knN7JOB0lOQEYE.
ECDSA key fingerprint is MD5:77:80:22:a8:ff:e7:71:09:56:a2:7a:90:fb:f3:93:aa.
Are you sure you want to continue connecting (yes/no)? yes

二、ubuntu系统

root@master:/mnt/vos-d0gnoqpd# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:jG7HKt9a4rKtLv66H/p5xfKENUKm4W09tnyoIrVadzE root@master
The key's randomart image is:
+---[RSA 3072]----+
|                 |
|    . o          |
|   . * .         |
|    o +o*        |
|     ..BE=       |
|    ..o.Bo.      |
|   .o.=*=.       |
|  oo=BoB.        |
| .*@OO*..        |
+----[SHA256]-----+
#指定为ubuntu用户
root@master:/mnt/vos-d0gnoqpd# ssh-copy-id ubuntu@192.168.100.11
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out an                                                                                 y that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now                                                                                  it is to install the new keys
Warning: Permanently added '192.168.100.11' (ECDSA) to the list of known hosts.
ubuntu@192.168.100.11's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'ubuntu@192.168.100.11'"
and check to make sure that only the key(s) you wanted were added.