操作步骤:
1.主机A
生成公钥id_rsa.pub文件并导出该文件
root@mytest:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
7e:0f:dc::2e:d3:e0::c0:5f:fe:cf:e9:7a:f7: root@mytest
The key's randomart image is:
+--[ RSA ]----+
| .. |
| .. . |
| ..oo . |
| .+.+ . |
| S +.o . |
| . . +.. |
| . + .o E |
| . o * o|
| o+.oo|
+-----------------+
root@mytest:~# sz /root/.ssh/id_rsa.pub
这步之后也可以通过以下步骤直接实现公钥认证(但是需要知道主机B用户danny的密码)
# ssh-copy-id -i /root/.ssh/id_rsa.pub danny@12.1.1.2
danny@12.1.1.2's password: //输入主机B用户danny的登录密码
2.主机B
得到id_rsa.pub文件,创建用户danny,并在该用户家目录创建.ssh文件夹和其文件下的远程认证文件authorized_keys
[root@B danny]# mkdir .ssh
[root@B danny]# cd .ssh/
[root@B .ssh]# touch authorized_keys
[root@B .ssh]# ls
authorized_keys
[root@B .ssh]# cat /home/danny/id_rsa.pub >authorized_keys
主机A登录主机B
root@mytest:/# ssh danny@IP_B