ssh免秘钥认证-复制

scp免秘钥认证

https://www.cnblogs.com/wayne173/p/5505863.html

https://blog.csdn.net/nfer_zhuang/article/details/42646849

##################交互式秘钥生成ssh-dsa#######################

1 创建用户及密码(在上图4台机器上面操作)

useradd oldgirl

echo 123456|passwd --stdin oldgirl

id oldgirl

su - oldgirl

2 在m01机器生成秘钥对，一路回车

[oldgirl@m01 ~]$ ssh-keygen -t dsa #一路回车就生成了秘钥

Your identification has been saved in /home/oldgirl/.ssh/id_dsa.

Your public key has been saved in /home/oldgirl/.ssh/id_dsa.pub.

[oldgirl@m01 ~]$ ll .ssh/

total 8

-rw------- 1 oldgirl oldgirl 668 Feb 7 14:30 id_dsa #钥匙，私钥

-rw-r--r-- 1 oldgirl oldgirl 601 Feb 7 14:30 id_dsa.pub #锁，公钥

3 m01分发公钥

如果ssh服务没有优化（端口没修改）：执行如下命令分发公钥

[oldgirl@m01 ~]$ ssh-copy-id -i .ssh/id_dsa.pub [email protected]

如果ssh服务端口修改过：执行如下命令分发公钥

[oldgirl@m01 ~]$ ssh-copy-id -i .ssh/id_dsa.pub "-p 52113 [email protected]"

4 测试

验证方法：在管理机器m01上执行如下命令，如果现实IP地址正确即可。

ssh -p52113 [email protected] /sbin/ifconfig eth0

##################交互式秘钥生成ssh-rsa#######################

1 创建用户及密码(在上图4台机器上面操作)

useradd oldgirl

echo 123456|passwd --stdin oldgirl

id oldgirl

su - oldgirl

2 在m01机器生成秘钥对，一路回车

这里创建的是rsa

[root@m01 ~]# ssh-keygen -t rsa #一路回车即可

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

fe:df:23:98:5b:2e:96:ed:90:78:34:5e:3e:41:67:46 root@szxjdw02-back-47

The key's randomart image is:

+--[ RSA 2048]----+

| E |

| . |

| . + |

| S o o |

| . + = . |

| o ==+ |

| o*+oo. |

| .o=+... |

+-----------------+

[root@szxjdw02-back-47 ~]# ll .ssh/

total 8

-rw-------. 1 root root 1675 Jul 11 09:11 id_rsa #钥匙，私钥

-rw-r--r--. 1 root root 403 Jul 11 09:11 id_rsa.pub #锁，公钥

[root@szxjdw02-back-47 ~]#

3 m01分发公钥

如果ssh服务没有优化（端口没修改）：执行如下命令分发公钥

[oldgirl@m01 ~]$ ssh-copy-id -i .ssh/id_dsa.pub [email protected]

如果ssh服务端口修改过：执行如下命令分发公钥

[oldgirl@m01 ~]$ ssh-copy-id -i .ssh/id_dsa.pub "-p 52113 [email protected]"

实战：

[root@office ~]# ssh-copy-id -i .ssh/id_rsa.pub [email protected]

[email protected]'s password:

Now try logging into the machine, with "ssh '[email protected]'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

[root@office ~]#

然后到目标机器查看：如下已经ok了。authorized_keys

[root@szxjdw01-privider-29 ~]# ll .ssh/

total 4

-rw-------. 1 root root 403 Jul 11 09:14 authorized_keys

[root@szxjdw01-privider-29 ~]#

4 测试

验证方法：在管理机器m01上执行如下命令，如果现实IP地址正确即可。

ssh -p52113 [email protected] /sbin/ifconfig eth0

实战测试：ok

[root@office target]# scp jdwin-upms-rpc-service-assembly.tar.gz [email protected]:/data/backup/

jdwin-upms-rpc-service-assembly.tar.gz 100% 78MB 78.4MB/s 00:01

[root@office target]#

ssh免秘钥认证-复制

猜你喜欢