ssh scp如何添加免密访问?

2019-04-10  本文已影响0人  辛未

实现功能

主机A 免密访问 主机B。

创建秘钥

登录主机A,创建主机秘钥和公钥。
user@A:~$ ssh-keygen -t rsa
直接回车,使用默认值即可,秘钥文件默认生成到$HOME/.ssd/目录:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/seewin/.ssh/id_rsa): 
Created directory '/home/seewin/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/seewin/.ssh/id_rsa.
Your public key has been saved in /home/seewin/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:ut6DNj0a3jjrEAJRi4CsxXDfvnM83BV/BPODil3iuzY seewin@seewin
The key's randomart image is:
+---[RSA 2048]----+
|*+o           o  |
|o=oo .        .+ |
|+.. . .    ..o .o|
|..   .    + +o ..|
|  . . . S. +. . .|
|   . . = . ..  . |
|    . =o= ..     |
|     o=O+. E.    |
|     +O=oo...    |
+----[SHA256]-----+

复制公钥内容

user@A:~$ ssh-copy-id user@B

接下来,就可以在主机A上直接使用SSH或者SCP访问主机B了:

user@A:~$ ssh user@B
Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-70-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Sun Nov 24 00:51:15 UTC 2019

  System load:    0.08               Processes:             106
  Usage of /home: 0.0% of 858.31GB   Users logged in:       1
  Memory usage:   5%                 IP address for enp2s0: 192.168.1.2
  Swap usage:     0%


0 packages can be updated.
0 updates are security updates.

Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings


Last login: Sun Nov 24 00:46:36 2019 from 192.168.1.3
user@B:~$ 

或者,使用手工的方式将A的公钥拷贝到B主机:

user@A:~$ cat .ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD4LnrbrQrUR58hvDZChgLnOQh1OobKmYWAr8QBtuV8FYS2NWBkf+UqKt9e8/xA6F32SUBOFGtSQcPCyr0eb6QyS6N0JSwWgvGVEe13HqgpDBucqdoRrsnap6zvvqANMN+dVg0wJ/WP07JyTgYXCoQmAFc5Xj1YtlaYLflWCXuqs5Dzr4jjqBQUNggAP3DASxF8RcDvhExUwGBxaymwh61TrucdcwE/NUlm2d52oXKnj89F1NduXpQzDoLyyAD7FVADcPTxcKuJwdyorBKrYsK1SMUyon3p6xD4SM7VGLNF9FQ+qYkxWLnUS3p0px6uP4LShHDGXFoJba0ab3NI6kCF user@A

创建默认认证
登录主机B,进入HOME/.ssh/目录。若没有.ssh目录,则创建该目录:
user@B:~$ mkdir ~/.ssh
检查是否存在authorized_keys文件,若不存在,则创建。
user@B:~$ touch authorized_keys
将主机A的公钥内容添加到authorized_keys文件末尾:

user@B:~$ vi authorized_keys
# 这里是原有内容,其它主机的公钥数据。
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD4LnrbrQrUR58hvDZChgLnOQh1OobKmYWAr8QBtuV8FYS2NWBkf+UqKt9e8/xA6F32SUBOFGtSQcPCyr0eb6QyS6N0JSwWgvGVEe13HqgpDBucqdoRrsnap6zvvqANMN+dVg0wJ/WP07JyTgYXCoQmAFc5Xj1YtlaYLflWCXuqs5Dzr4jjqBQUNggAP3DASxF8RcDvhExUwGBxaymwh61TrucdcwE/NUlm2d52oXKnj89F1NduXpQzDoLyyAD7FVADcPTxcKuJwdyorBKrYsK1SMUyon3p6xD4SM7VGLNF9FQ+qYkxWLnUS3p0px6uP4LShHDGXFoJba0ab3NI6kCF user@A

验证免密登录
登录主机A,执行ssh 或 scp:

user@A:~$ ssh user@B
user@A:~$ scp abc.txt user@B:~/data/
上一篇下一篇

猜你喜欢

热点阅读