多主机免密互信

# 准备三台机器
192.168.57.131
192.168.57.132
192.168.57.133

[root@localhost ~]# pwd    # 三台机器都检查一下，都没有生成过公钥
/root
[root@localhost ~]# ls -a
.   anaconda-ks.cfg  .bash_logout   .bashrc  .mysql_history  .tcshrc
..  .bash_history    .bash_profile  .cshrc   .pki            .viminfo

[root@localhost ~]# ssh-keygen    # 三台机器都需要创建各自的公钥
[root@localhost ~]# ssh-copy-id 192.168.57.131   # 三台机器都需要给自己copy-id，生成authorized_keys文件
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.57.131 (192.168.57.131)' can't be established.
ECDSA key fingerprint is SHA256:hZ85f0Jqzh98Wv8A+RWjMt/aFLffN5+8Fm0pif0MJa0.
ECDSA key fingerprint is MD5:fd:9b:5f:c4:5f:31:36:78:26:60:96:f3:8e:f9:df:ab.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.57.131's password:
Number of key(s) added: 1
Now try logging into the machine, with:   "ssh '192.168.57.131'"
and check to make sure that only the key(s) you wanted were added.
[root@localhost ~]# ls .ssh/
authorized_keys  id_rsa  id_rsa.pub  known_hosts

[root@localhost ~]# ssh-copy-id 192.168.57.131   # 132、133两台机器，将自己的authorized_keys追加到130机器内
[root@localhost ~]# cat .ssh/authorized_keys   # 这个时候，130机器内，有三个公钥了
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYOGBV1a9+127y6u3JVruAcQE7/eYfAbkLsmhHSmNWcBm1AZ4AHffoPd7rSg9BdferVSOS4ZBYokxTUU1rF3YXEcFZezSQ47kD/tnFT0YiCqJTRv53SsaJBLY5Ax50ViI+WXUEwpDxH3cWsjCcm9U+2uD/fK54MsGFxmxpensF2jFjWj3nugF4jk5XFD9syztu6niCXmuZUTaAv5QFhTbOUK2xmePhjw624hEaU84NOtCMyBdIxKzbjtlZsbGsk8F+IYlfY0WPuAK9sPN8JXgEWLQdfemopTjExAoQowWe7YrG03WcU8OmevgqutMosAeGwv0yKK2dd1NV7DxJlTRh root@localhost.localdomain
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGymP3n7Z+f9g9tvUO+7bdNTB+RmJ8GQ6fmtgETfbQQ4LQ6qi2RBqXVRTjKiv70eGs8tNRyodqCP/iPue8Z28cdm+jOUy5S7kuN+X3XeG6OaHBqP+ea3pxh/LYxq1SsQQ/2sbFj2RAlj3dPKeWLGspdchs2bWX/MYgGLftorZlbZ/NbiWmw2iOFZownuAjFo0Cy5Tw4QjgWkeIdz0obMA+vDQYfw4kE6MKiJZ9b1v1MFm+XxQ3PcxseJhUKDH0I+ea/eBkK3be60pb7AXEh1tFw95nuprLuE7/qQMc2huzQGedAZIFq8IrnVHOV+vYgeF77OdcP+C3bKLENotVG0Wd root@localhost
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDbN7NfZ5wfmOrS+ADiFBEJbBIsZKOyA1EXHCaMwwQVBWN7OlP5vXfSRV6VJrDsClux76+QN8ui1pdMN6PTesflZ1bFHdhzCsd5P74IlwrtY0+9IbD5CjZNnYvzkK+/P/fBZ5fE44lpBgz4jXWHjChKamIjf4i2H0QZk7mAGg+HkOZE2BU1U89dNfOTyuRHFEoHCGqVRu3lfrIHBrSIL0Rz8ZEdSDU+inncuCsOyc4hLljRpw9BVdV9LZzGZivKRz+dNhratY/qLqn6PXY1D7H4RDVs71dQ7jxU+0VxbHmxwxTFfw+mQ8aDFfilQF9nFXTlWQHtM1Ai8Vhf+JwvHzL3 root@localhost
[root@localhost ~]# scp .ssh/authorized_keys 192.168.57.132:/root/.ssh/
[root@localhost ~]# scp .ssh/authorized_keys 192.168.57.133:/root/.ssh/

[root@localhost ~]# ssh 192.168.57.132     # 测试成功，只需要一个yes，无需密码
The authenticity of host '192.168.57.132 (192.168.57.132)' can't be established.
ECDSA key fingerprint is SHA256:hZ85f0Jqzh98Wv8A+RWjMt/aFLffN5+8Fm0pif0MJa0.
ECDSA key fingerprint is MD5:fd:9b:5f:c4:5f:31:36:78:26:60:96:f3:8e:f9:df:ab.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.57.132' (ECDSA) to the list of known hosts.
Last login: Fri Jul 10 20:30:24 2020 from 192.168.57.131