所谓公钥登录,就是用户将自己的公钥储存在远程主机上。登录的时候远程主机回向用户发送一段随机字符串,用户用自己的秘钥加密后再发送给远程主机。远程主机用事先储存的公钥进行解密,如果成功,就证明用户是可信的,直接允许登录shell,不再要求密码。
[hadoop@hadoop01 .ssh]$ ssh-copy-id hadoop02.zjl.com #将公钥发送给远程主机
The authenticity of host 'hadoop01.zjl.com (192.168.0.131)' can't be established.
RSA key fingerprint is 60:10:35:2f:64:08:bf:82:e5:bc:56:8c:3d:60:18:13.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop01.zjl.com,192.168.0.131' (RSA) to the list of known hosts.
[email protected]'s password:
Now try logging into the machine, with "ssh 'hadoop01.zjl.com'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[hadoop@hadoop01 .ssh]$ ssh hadoop01.zjl.com #无密码登录
Last login: Mon Jun 19 23:30:46 2017 from 192.168.0.1
[hadoop@hadoop02 ~]$ #无密码登录成功
下面关于SSH相关的文章您也可能喜欢,不妨参考下: