Magical use of ssh-copy-id command in setting mutual trust between two computers

Others 2022-04-22 09:22:42 views: 0

If two servers need to establish a mutual trust relationship at work, all they need to do is to copy the secret key information. This work has to be done manually. Sometimes it feels really troublesome, but it is helpless. 
Generally, the steps to establish a one-way trust relationship are as follows: 
1) Check whether there is a secret key generated, if not, use ssh-keygen -t rsa to generate it. 
2) Copy the information of id_rsa.pub and use it later. 
3) ssh to connect to the target server, and then add the copied content of id_rsa.pub to the .ssh/authorized_keys file. 
4) Exit the current window and log in again to verify whether passwordless communication is possible. 
Now there is a command that can exempt us from 2 , 3 steps, similar to the one-key configuration. . .

#假设要从本机登录远端机器,免密码登录的那种,那么:
#本机产生秘钥
[root@localhost .ssh]# ssh-keygen -t rsa

#查看下公钥和私钥文件
[root@localhost .ssh]# ls -lrt 总用量 12 -rw-r--r--. 1 root root 408 9月 23 17:43 id_rsa.pub -rw-------. 1 root root 1675 9月 23 17:43 id_rsa -rw-r--r--. 1 root root 784 9月 23 17:48 known_hosts #将公钥拷贝到远端机器中(-i 参数指定公钥,可以忽略后缀名) [root@localhost .ssh]# ssh-copy-id -i id_rsa root@10.*.*.* The authenticity of host '10.*.*.* (10.*.*.*)' can't be established. RSA key fingerprint is 88:bf:37:46:6f:71:02:36:62:4e:d2:7a:31:54:ba:68. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@10.*.*.*'" and check to make sure that only the key(s) you wanted were added. #验证 [root@localhost .ssh]# ssh root@10.*.*.* Last login: Fri Sep 23 10:21:27 2016 from 10.64.132.108 [root@bak-hesuan ~]# exit

If it is windows login, just copy the public key file, which is equivalent to putting the public key file on the machine where password-free login is required, and the private key on the server itself

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=324940414&siteId=291194637
Recommended
Rushing to the GitHub hot list——How can open source programming languages and frameworks be so cute?
Beijing Humanoid Robot Innovation Center launches Tiangong, the world's first full-size humanoid robot with purely electric drive for anthropomorphic running
Ranking
8个无需编写代码即可使用 Python 内置库的方法
Java collections interview knowledge Lite
Machine learning algorithms foundation - Introduction a (watermelon materials for the book)
(Easy) Ransom Note - LeetCode
[Five days] Qt from entry to actual combat: the second day
Remember once extremely pit father can not download Maven Jar package of issues: IDEA question
The minimum cost Shortest
OSPF study map (the most complete version)
Network Takeaways
GnuPG
Daily
More
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)
2024-04-20(6)
2024-04-19(5)
2024-04-18(0)

Code World

© 2018 codetd.com