第一个里程:在管理主机上创建密钥对信息
ssh-keygen -t dsa <-- 创建密钥对命令 -t dsa表示指定密钥对加密类型
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa): <-- 确认私钥文件所保存的路径
/root/.ssh/id_dsa already exists.
Overwrite (y/n)? y <-- 如果已经存在了密钥对信息,是否进行覆盖
Enter passphrase (empty for no passphrase): <-- 确认是否给私钥设置密码信息(一般为空)
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
46:c8:21:b9:99:6e:0c:59:39:66:38:7a:97:29:51:76 root@m01
The key's randomart image is:
+--[ DSA 1024]----+
| o+oE |
| +.B+ o |
| . B Bo . |
|. = B . |
| . * S |
| + . |
| . |
| |
| |
+-----------------+
第二个里程:将管理主机上公钥信息发送给被管理主机
ssh-copy-id -i /root/.ssh/id_dsa.pub 172.16.1.31(注:这里的ip就是秘钥登录指定的ip)
[email protected]'s password:
Now try logging into the machine, with "ssh '172.16.1.31'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
第三个里程:进行远程管理测试(基于密钥的方式进行远程管理)
ssh 172.16.1.31 <-- 可以不用输入密码信息,就能登陆成功
ssh 172.16.1.31 uptime <-- 可以不用登陆到远程主机,就可以直接查看远程主机信息