配置服务器SSH免密登录

扯淡

        通常我们登录服务器,需要使用 “ssh 用户名@服务器地址” 的命令去完成,很不方便,而且在一些特定的使用场景,我们需要实现自动登录或者无密码登录。
        这个时候ssh-kengen就能用的上了,它可以通过公钥认证可实现ssh免密登陆,我们来看看是怎么配置的。

配置

1,在本地服务器上生成ssh key:

ln:~ ln$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/apple/.ssh/id_rsa): // 输入秘钥文件名称,可以为空

Enter passphrase (empty for no passphrase): // 输入密码,可以为空
Enter same passphrase again:

Your identification has been saved in /Users/apple/.ssh/id_rsa.// 秘钥文件保存路径
Your public key has been saved in /Users/apple/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:xYjyyyG2qfMlZSrz2lb/0tTFm4gvkxehrj1dO+SiaAU ln@ln.local
The key’s randomart image is:
+—[RSA 2048]—-+
| |
| . o |
| . . . o . |
| o E. . o |
| o = S. + + o |
| . O.o = + = |
| o =.+. = + = . |
| .*.o +oB = + |
| o=+ .o++* . . |
+—-[SHA256]—–+

命令执行完成后,会在~/.ssh/目录下生成两个文件,一个私钥文件,一个是公钥文件(.pub),如下所示:

id_rsa
id_rsa.pub

2,添加到远程服务器,这里我用xx.soilove.cn的root用户来举例:

ln:~ ln$ ssh-copy-id root@xx.soilove.cn
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/Users/apple/.ssh/id_rsa.pub”
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
root@xx.soilove.cn’s password: // 输入服务器登录密码

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘root@xx.soilove.cn'”
and check to make sure that only the key(s) you wanted were added.

添加完成,现在使用ssh命令即可完成无密码登录

3,我们来尝试登录下,验证下配置情况

ln:.ssh ln$ ssh root@xx.soilove.cn
Last login: Sat Oct 20 13:43:27 2018 from 101.69.254.214
Welcome to Alibaba Cloud Elastic Compute Service !

登录成功!

4,我们到~/.ssh/目录下,看看传过来的公钥,名称为authorized_keys

[root@izuf644wg7yw6hsx8o8nx7z ~]# ls ~/.ssh/
authorized_keys

5,删除认证,我们只需要在目标服务器上删除authorized_keys文件即可

 

ok,就这么简单,祝你生活愉快。


guolin

guolin

相信世界,向往美好,记录成长过程,分享个人心得,充实平凡生活。 网站信条:因为喜欢,所以热爱。

发表评论

电子邮件地址不会被公开。 必填项已用*标注