SSH免密登录
1.环境准备
实验目标:ServerA远程免密登录到ServerB
SSH免密登录
ServerA
[root@localhost ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:DcXtto44LEYfU4M+fxW41AOGm+3LZl1v6Vx0H5csR9A root@localhost.localdomain
The key's randomart image is:
+---[RSA 3072]----+
| ..o .. |
| .o + .E |
| .. * + . |
| .o= * * .|
| .S..= + B+|
| . = + +.*|
| . o * + + .=|
| o = o B o.+|
| . . . + .+ |
+----[SHA256]-----+
[root@localhost ~]# ll .ssh/
总用量 8
-rw-------. 1 root root 2610 4月 17 21:37 id_rsa
-rw-r--r--. 1 root root 580 4月 17 21:37 id_rsa.pub
发送密钥
[root@localhost ~]# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.10.202
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub"
The authenticity of host '192.168.10.202 (192.168.10.202)' can't be established.
ECDSA key fingerprint is SHA256:GOHvQgwN0iTiEFdJb6zEc6J3o2dNunfaOZWMpF20JXw.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.10.202's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.10.202'"
and check to make sure that only the key(s) you wanted were added.
远程登录
[root@localhost ~]# ssh root@192.168.10.202
Activate the web console with: systemctl enable --now cockpit.socket
This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register
Last login: Tue Apr 16 21:47:38 2024
[root@localhost ~]# 注销
Connection to 192.168.10.202 closed.
ServerB
[root@localhost ~]# ll .ssh/
总用量 4
-rw-------. 1 root root 580 4月 17 21:38 authorized_keys
[root@localhost ~]#