understand:
命令1:$ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
This command will generate a public key (~/.ssh/id_rsa.pub) and private key (~/.ssh/id_rsa),
-t dsa: Indicates the encryption type of the key used, which can be 'rsa' and 'dsa'
-P '': Indicates that no password is required to log in
-f ~/.ssh/id_dsa: indicates that the key storage path is ${USER}/.ssh/id_dsa
命令2:$ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
Add the public key of this machine to authorized_keys, which allows this machine to log in without password through ssh
Pay attention to using >> instead of >, because if other hosts (such as A) also log in without login, you can also add the public key of host A to the authorized_keys file. In this way, host A can log in to the machine without ssh.
step 1 make a key pair
Enter the following command in the client (local machine) terminal
ssh-keygen -t [rsa|dsa]
rsa and dsa represent different algorithms
For example:
ssh-keygen -t rsa
Just press Enter all the time (no need to set a password)
The key file and private key file id_rsa, id_rsa.pub will be generated (if dsa is used, id_dsa, id_dsa.pub will be generated)
The generation location is under the /root/.ssh/ folder (I use the root user, so under root, there will be a prompt file location during the generation process)
.ssh is a hidden folder, use ls -a to view
Put the public key in the specified location on the server
Method 1, direct copy
1. Copy the public key to the .ssh folder under the root user of the server (copy it to the .ssh folder under which user to log in with)
scp /root/.ssh/id_rsa.pub [email protected]:/root/.ssh/
2. Install the public key
Login to the server cd /root/.ssh/
cat id_rsa.pub >> authorized_keys
Method 2: Use the ssh-copy-id command to copy (recommended)
One command is ok directly
ssh-copy-id [email protected]
OK without password
Now, you can try to log in to the target host using SSH without having to enter a password. Note that this setup requires keeping your private key file (usually `~/.ssh/id_rsa`) safe from being accessed by others.