linux 下实现ssh免密钥登录

小伙伴经常在运维的时候需要ssh到很多其他的服务器，但是又要每次输入密码，一两台还没什么，多了就烦了。所以这里教大家如何直接ssh到其他机器而不用输入密码。

[root@jw ~]# ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa): ——一路回车吧

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

54:77:79:fd:82:90:d7:c5:7f:5a:04:39:8f:e8:40:09 root@jw

The key's randomart image is:

+--[ RSA 2048]----+

|        E..o..o*o|

|         .=...= =|

|        .. o o *o|

|       .  . o o *|

|        S  o   +.|

|            . .  |

|                 |

|                 |

|                 |

+-----------------+

会在本机生成两个文件，一个id_rsa.pub公钥一个id_rsa私钥

[root@jw ~]# cd .ssh/

[root@jw .ssh]# pwd

/root/.ssh

[root@jw .ssh]# ll

total 8

-rw-------. 1 root root 1675 Nov  6 09:46 id_rsa

-rw-r--r--. 1 root root  389 Nov  6 09:46 id_rsa.pub

将公钥拷贝到你需要连接的主机上，如192.168.3.2

[root@jw .ssh]# ssh-copy-id -i id_rsa.pub root@192.168.3.2

The authenticity of host '192.168.3.2 (192.168.3.2)' can't be established.

RSA key fingerprint is e4:fa:45:0d:a1:e5:77:0d:be:41:2f:d9:f3:2f:56:f1.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.3.2' (RSA) to the list of known hosts.

root@192.168.3.2's password: 

Now try logging into the machine, with "ssh 'root@192.168.3.2'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

拷贝需要输入yes，并输入对方主机192.168.3.2的密码

查看192.168.3.2的/root/.ssh/目录下会生成authorized_keys文件，内容如下

[root@jw2 .ssh]# cat authorized_keys 

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAt5Bum8vL+FezAzM9xUzSLnzTVGOwwmnu6dQcrIu5WCNqb1VgO1J2jj0jUDaK670tNIi5b2C+rr0kontqlVwblFZCrT/2gLBqj51t8UKu7YzaCxJBqdHbIxSgyE2/klxM4x3L/8j2FnGiBDzB6eZ9VLatnFjm2D1QtxStu2It+h1Rg2sqQqMxg3+rLkeG4b8nPBDxw6pczYQR9mKsmvH3wEDi4+17wonz9T+tqQO0dI9jI7jibwEpHWkpVzWM+lQpyU4VrEtq9uVEE6gsIKcWzdpfM5B3WVfA8ts2TM8zxu+NRvA0Dfxzh3iEkVUv7zAPs6tlZM16JoHcXros++goJQ== root@jw

[root@jw2 .ssh]# pwd

/root/.ssh

————————————————

如此直接在本机192.168.3.1 ssh对方ip，ssh 192.168.3.2 因为默认都是root，所以可以不用输入root@192.168.3.2

如果需要在192.168.3.2远程192.168.3.1；那就在3.2上如上步骤做一遍；

可以在192.168.3.1主机上查看/root/.ssh/目录下的文件

[root@jw .ssh]# ll

total 12

-rw-------. 1 root root 1675 Nov  6 09:46 id_rsa——私钥  解密

-rw-r--r--. 1 root root  389 Nov  6 09:46 id_rsa.pub——公钥 加密

-rw-r--r--. 1 root root  393 Nov  6 09:49 known_hosts——已知的主机列表

[root@jw .ssh]# cat known_hosts 

192.168.3.2 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvMTT5iDe+VuIfIw76LspyYt7EcBTzj6aEa5dto+4G+la1sxnMiy2xIhynctX6T1JipXYsv2cPdPHfV2i/BD4ZLNV30+j6b5G+qEqHxaTxgoez6MyRCO0FT1pI5TpPHA9neMN/70Yrmp4RttHM04gz6X9CesZwfRaHpFoBcVm6+0YgEOakDSFbe7T/Se/M6dhuJwWXmJYSoSG/z1QkBn/QI/YgszjFQBiulDPXhHTd/WWJd64mFJLuAhr+QmA+QG4sdYlJYl26hFUUf/Tgzw9cdkNM57jyQ436crJ6s2duJZ3zYGvclwSVLdhQH7VigZFRoua+wTxeD8QgtaCOf2Osw==

                                                                            by:rm_rf_db