ssh密钥登陆设置

密钥登陆设置

生成公私钥

ssh-keygen命令

[root@loalhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:p5WiXI3+A6p+p4k2NK33f0wTPvbKorA5tXZh8xvKPMo root@loalhost
The key's randomart image is:
+---[RSA 3072]----+
|                 |
|                 |
|                 |
|         o ..    |
|     .  S =. .   |
|    o..+o=+ *    |
|   . o+oo+ B.+   |
|    +.=*++=o+..  |
|   o+==*E=*=+o   |
+----[SHA256]-----+

公钥的分发

ssh-copy-id命令

[root@YX-node01 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@YX-node03
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Authorized users only. All activities may be monitored and reported.
root@yx-node03's password: 

[root@YX-node01 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@YX-node03
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Authorized users only. All activities may be monitored and reported.
root@yx-node03's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@YX-node03'"
and check to make sure that only the key(s) you wanted were added.

密钥的登陆

ssh命令

[root@YX-node01 ~]# ssh root@YX-node02

Authorized users only. All activities may be monitored and reported.

Authorized users only. All activities may be monitored and reported.
Last login: Mon Sep  5 11:13:05 2022 from 192.168.153.176


Welcome to 5.10.0-5.10.0.24.oe1.x86_64

System information as of time:  Mon Sep  5 11:26:44 AM CST 2022

System load:    0.00
Processes:      243
Memory used:    2.7%
Swap used:      0.0%
Usage On:       52%
IP address:     192.168.153.174
IP address:     192.168.153.175
Users online:   3

密钥文件存储

本机公钥文件

/root/.ssh/id_rsa_.pub

[root@YX-node01 .ssh]# cat id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQWlsPTR7eapXsicu8mLKyslFMfxMuptdCQo/12h0cyDzFJRQCw5c6Rv5hwb/gFMB+Wc9vfcy22Iq3N6szimS5T4lO05xLC8fU88ZA4iLliscErG7KJU/63nZlpTyCKieJ8uvVe4dibBvIzIJKL39b68dkRYvKmhujeVoLlBl3eQbvy2cBJvjsFn3RFwl/Tq9IF1pt4k0tUY9AFQPecFqN8u/QjKLqfTombf8WHdLzBphjiiCz45yXwPw9+7a+88rC9PN0mNRcC6nK0j5RlVzCgNUlRR+pkN/K62cP3OoNLsa1WEgjzlS5FgEuflHSIUUGM8N4+NxMkA9zG/Md4IXSObuBAHAKDR1N0cvOR5gtkMoLWIeTj+9ZdD295Wr4lqjhLKL6t3Wjz2BSFrZFeKNPwOXPoq3L5aGHW5iwZ7rFbXaSi6NQHVy3zR6N4ebfhzx54DHJ/mBs7NLO+fO2i59oA07tGV8smd5Ce/RQwklZOLX9VS2/m5hOTxAwKFyiA6c= root@YX-node01

本机私钥文件

/root/.ssh/id_rsa

[root@YX-node01 .ssh]# cat id_rsa
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
NhAAAAAwEAAQAAAYEA0FpbD00e3mqV7InLvJiysrJRTH8TLqbXQkKP9dodHMg8xSUUAsOX
Okb+YcG/4BTAflnPb33MttiKtzerM4pkuU+JTtOcSwvH1PPGQOIi5YrHBKxuyiVP+t52Za
U8gionifLr1XuHYmwbyMyCSi9/W+vHZEWLypobo3laC5QZd3kG78tnASb47BZ90RcJf06v
SBdabeJNLVGPQBUD3nBajfLv0Iyi6n06Jm3/Fh3S8waYY4ogs+Ocl8D8Pfu2vvPKwvTzdJ
jUXAupytI+UZVcwoDVJUUfqZDfyutnD9zqDS7GtVhII85UuRYBLn5R0iFFBjPDePjcTJAP
cxvzHeCF0jm7gQBwCg0dTdHLzkeYLZDKC1iHk4/vWXQ9veVq+Jao4Syi+rd1o89gUha2RX
ijT8Dlz6Kty+Whh1uYsGe6xW12koujUB1ct80ejeHm34c8eeAxyf5gbOzSzvnztoufaANO
7RlfLJneQnv0UMJJWTi1/VUtv5uYTk8QMChcogOnAAAFiHlf7WZ5X+1mAAAAB3NzaC1yc2
EAAAGBANBaWw9NHt5qleyJy7yYsrKyUUx/Ey6m10JCj/XaHRzIPMUlFALDlzpG/mHBv+AU
wH5Zz299zLbYirc3qzOKZLlPiU7TnEsLx9TzxkDiIuWKxwSsbsolT/redmWlPIIqJ4ny69
V7h2JsG8jMgkovf1vrx2RFi8qaG6N5WguUGXd5Bu/LZwEm+OwWfdEXCX9Or0gXWm3iTS1R
j0AVA95wWo3y79CMoup9OiZt/xYd0vMGmGOKILPjnJfA/D37tr7zysL083SY1FwLqcrSPl
GVXMKA1SVFH6mQ38rrZw/c6g0uxrVYSCPOVLkWAS5+UdIhRQYzw3j43EyQD3Mb8x3ghdI5
u4EAcAoNHU3Ry85HmC2QygtYh5OP71l0Pb3laviWqOEsovq3daPPYFIWtkV4o0/A5c+irc
vloYdbmLBnusVtdpKLo1AdXLfNHo3h5t+HPHngMcn+YGzs0s7587aLn2gDTu0ZXyyZ3kJ7
9FDCSVk4tf1VLb+bmE5PEDAoXKIDpwAAAAMBAAEAAAGBAL1ryCmrFYtkH5WC2WVG9f+cOm
lvhkL9j+o/lZ4QhDMsoIMjaIPyykRDUvYRLZ5Nf4vfnsVf+4OobsSPqegbw+LtuomdvRRF
S5IBZpaKgOtrNfC7y6WgMoyDP+S9SruUE4pI/buCqN0EKGZv92v2rrUlMIuq5qJ1ZPdEVm
b8aALEV1ge9jCH+/q3n/8+EHZbVOQXxzDrcvrmkXPTJ0dNoiY3XWue0GabHwjdK/Ixfx1P
O7ATXhPttOoKm8jGVahY/rLekBHKvkr9TNTaCYFFPnlNI1hWntIpfuAvcknDxBlZ4l6+Om
QenL7kF4SisecdXKTXS2SruTMX9ehUrBwSEiUzB+RE168HcFVQylZWp0TeR0NRRBKPl05G
tgXlmsSQIAYd1+GrwVCMmHWnGzzRYP7a+HvsHOWUSFoEFamd69XpnPM/heDfZzZYmpS2lz
4ovhN5Wxb4VhFji+XVADB50V1c4YpZ6sVOrdQRRb1eGJUpjz2JIQgSPuElGZH7hItFkQAA
AMEArn08rznx4LosdfFQaCIbMtNCBEbaUXhlXMJ/osb7Se4b1wviXGujbvpSxisdttjjd1
4G45sB+pMgp3XC+0C+bcBQdxfXvpygFpAodnXTGvmiG4M4jcO5PvfdGhv0I9jsJN/iFb3x
VEyCEXnBB+cM0JS+/xH0HFgBx9r4RXT2QR5r5lZ1vKznqA35zytGBzMTDSVR/1oEBHgNEp
93zHY11FayhjaQNgr89JK5BcS0MiR/8VmZ79az1KQqDbwS3/DCAAAAwQD6Vdo1vQXtjhGG
7K3eIHp6dvXQ+G08QclCnHxOylt41uhJGp7guXesfxgj5ssDFobJSpYnrtyAIm43emLMEa
81ARKucyIjYNAuDxhqT0l9+YNK39+qnDMGh5j1zvLu+XlhPVmD7e3R56MgDRPjjhy4t+mG
LIuzIeLcL8HlZHYfUAC7OMKrg9Hel0ug+1neOA5Dj4TaVBFinbldhKNVwQV58KaEiv57xT
MfT4DY8pBg+nLvugBMa/o2fzL1bwXx7XMAAADBANURTon+esT1BhpT5AxyWZquV+t/QR9O
npk6FcZvNZv5XK4UUrFRwExoV44tu8CVMG6dOrS1I8iKBHdIWOYZm1mYrNjbMXmuQTGGxf
SfpPjmxYDWHj9mr/wSpm3KwoxoQewqqErEDWz6fmDLi2v54fF6ifNa46SHJ4nsGsrTVDzX
mAnQuon9XoRp0UCt4y7e2WV37UWmusHYHMev6TF1xRjdr3vidRO/2dRi7slIxD0S+euZ7d
i1jAzHRJVwDbYD/QAAAA5yb290QFlYLW5vZGUwMQECAw==
-----END OPENSSH PRIVATE KEY-----

其他机器公钥

/root/.ssh/authorized_keys

[root@YX-node01 .ssh]# cat authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDOVfkJvjXRJNOqNuXIl8Q0CMF/PHE0aRhnEFPGrSeV4B5e384Bx6HyrzQoh/XW2/WUBpnD/tJHqQzWf2azBCu5TqdWRrEEPDNg9D9fvmikcDC/1qc0U7XyYzXlcYI0c1Ttgy869OEwYNkRQKUpLggQSHnRhtiR9V6D5QlEeqw9F0qtz5NHlnPMHVKMW9HMyBsiLvnD3AMCTKnseXbwQcnnWNjEJzswt9l3gcu5+NUS1TzrwO6AB9NhyuJ1PeomrKvH/XQtwPGK9qLFKb0TKW9vZVyUZg8xSz5rmu9amawmKrb6HsrpJ1bZmTFcG8oPzNYi0issM2FChEJh82HcPzh0woKMM01SHm5IaaBof6fxOeqSdMXHGEBvYuXMvWndM7Hs9rGqut/5UazkvYrv7+vhBYI3elRyvsN27goulGiNcjanHmWZIKwpZgICG7jmeLnE5DGqVgJ+QdtoHgmfhn5K8iWCJUlRZQBydMz1q8zyrG9bIH6Ko4pdDiWYVYFGi0U= root@YX-node02
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDeRmiE6LgCG9YUiwSzLWd6EuNPUg7fjrJDWpwR0zU2yg8HzysIRD816OkRpDRaNbJrSxaNjuVJfTeYxS2Jc3AAMhMSKcj6gCVKc9stfxSGu+XIRQuxzp1KYjCmPiWz9NGmqrhImTuluMlB6eJD170rZ9RpcYwO8DFER7M+glpkGPjXXOm0gv7VEMumbyXMp37rfvixzLKJO6rA5aJemisR00El6F+MH7UDQi4FHutrKVlE7ADJCj99b5IQ+rAyBq2CJCvHPw1oluYLMpSqVimd82GiL+Vbf2h8ye91YICET20ay24zBBFAKY9UAuebcfOyeYIu5pAC8VFtwahUl9ZBQt6W/qaZfTTywOTfwS3QTWJ021k4ecE8mp8sJtfHggUoVfzBoni5xA5oHh/WUFjQS0V717LiR+0HPpLUIa4ymheKEFDxeL4f4RzEkSYCbaUyGKeSooFvr7tpqtBUPVdG6IMygqI74jhzP2SSUm+t0WVGr5T752ywXgflpkr+5T0= root@YX-node03

曾经连接机器

/root/.ssh/know_hosts

[root@YX-node01 .ssh]# cat known_hosts 
192.168.148.69 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKjhKh5VLh45eHmIVxZUPhwCvgahcbyG3bD9np25ZBHv648mZR/sVsn8ntMN+FzCymAnHtSi5yFt2TdSY5qfuuo=
192.168.115.153 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAQcexJefgvBB6P/tntJjmKTFR0qv4x8LJP2fKyIlefunNuInYolChq537qIoBmEDfc8ClxKzu9RdaIA/2I8YtI=
192.168.153.174 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP4/nvqMynW8FNQVjCX80XtwVkZ/uYtl9Y3Iz8w7hN8hsh0XRomV3clEMF0IKMJZlUeYqi5k7PIgWNW93cMVkf8=
yx-node02 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBP4/nvqMynW8FNQVjCX80XtwVkZ/uYtl9Y3Iz8w7hN8hsh0XRomV3clEMF0IKMJZlUeYqi5k7PIgWNW93cMVkf8=
yx-node03,192.168.153.172 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPz5vKCZBAVEAOUvt/5CkUWsf3cDfwY/7mG34t1uP+IC5R1skmI7/cy4LMlTRg693YI7w1EXeQps3nP7oyT+B8g=
yx-node01,192.168.153.176 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDXWy2x3tLAOYYBu/h2JOTyLS9uNlVW7NJz68yYaifGZP6FQMMwDhbizdrFfQM4xv/OqVVd5f2G2P9jMle2Qpr8=

批量密钥脚本

ssh.sh

#!/bin/bash
#生成公私钥
ssh-keygen -f /root/.ssh/id_rsa -N ""
#将公钥下发给业务机器
sshpass -pDameng@8888 ssh-copy-id -o StrictHostKeyChecking=no -i /root/.ssh/id_rsa.pub root@192.168.153.176

__EOF__

本文作者：应鑫
本文链接：https://www.cnblogs.com/yingxin20000303/p/16657529.html
关于博主：评论和私信会在第一时间回复。或者直接私信我。
版权声明：本博客所有文章除特别声明外，均采用 BY-NC-SA 许可协议。转载请注明出处！
声援博主：如果您觉得文章对您有帮助，可以点击文章右下角【推荐】一下。您的鼓励是博主的最大动力！