系统相关
首页 > 系统相关> > Linux服务器三步配置免密通道

Linux服务器三步配置免密通道

作者:互联网

准备2台linux机器(两台虚拟机,能够ping通)

一.在 client 机器上创建密钥

有提示的话 不用输入任何文字 直接回车

 

[root@sc-mysql ~]# ssh-keygen -t ecdsa
Generating public/private ecdsa key pair.
Enter file in which to save the key (/root/.ssh/id_ecdsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_ecdsa.
Your public key has been saved in /root/.ssh/id_ecdsa.pub.
The key fingerprint is:
SHA256:eviPHWDw0JVOQ2GAcZZ4vNw2hg8/EYZiNGSkbEbqxgo root@sc-mysql
The key's randomart image is:
+---[ECDSA 256]---+
|    .+B=+==o     |
|   + o===o*      |
|  . =.o+.B o     |
| o o   += B      |
|E +     S* o     |
|.o     + .+      |
|.     o . ..     |
|       o o .     |
|        o.o      |
+----[SHA256]-----+

 

可以查看一下公钥和私钥:

[root@sc-mysql ~]# cd /root/.ssh/
[root@sc-mysql .ssh]# ls
id_ecdsa  id_ecdsa.pub  id_rsa  id_rsa.pub  known_hosts
[root@sc-mysql .ssh]# ll
总用量 20
-rw------- 1 root root  227 2月  26 15:02 id_ecdsa
-rw-r--r-- 1 root root  175 2月  26 15:02 id_ecdsa.pub
-rw------- 1 root root 1675 9月  19 22:00 id_rsa
-rw-r--r-- 1 root root  395 9月  19 22:00 id_rsa.pub
-rw-r--r-- 1 root root  876 2月  25 13:31 known_hosts

二.上传公钥至服务器的root用户的家目录下的.ssh/authorized_keys

ssh-copy-id 用来上传公钥 -i 指定公钥的位置

 

[root@xyy .ssh]# ssh-copy-id -i id_ecdsa.pub root@192.168.31.26
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_ecdsa.pub"
The authenticity of host '192.168.31.26 (192.168.31.26)' can't be established.
ECDSA key fingerprint is SHA256:v7VzMC5tU2w7NRsf9uLJ5jDFZOtONbNFZAL0KInJLXw.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.31.26's password: (192.168.31.26的密码)

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.31.26'"
and check to make sure that only the key(s) you wanted were added.

 

三.验证免密通道是否成功

ssh是linux下的客户端连接命令

 

[root@xyy .ssh]# ssh root@192.168.31.26
Last login: Sat Jun 26 11:02:54 2021 from 192.168.31.5
[root@fuwuqi ~]# 

 

标签:免密,三步,192.168,ecdsa,ssh,key,Linux,root,id
来源: https://www.cnblogs.com/jichuang/p/16598853.html