ssh-keygen 产生公钥与私钥对.
ssh-copy-id 将本机的公钥复制到远程机器的authorized_keys文件中,ssh-copy-id也能让你有到远程机器的home, ~./ssh , 和 ~/.ssh/authorized_keys的权利
第一步:在本地机器上使用ssh-keygen产生公钥私钥对
- jsmith@local-host$ [Note: You are on local-host here]
- jsmith@local-host$ ssh-keygen
- Generating public/private rsa key pair.
- Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key]
- Enter passphrase (empty for no passphrase): [Press enter key]
- Enter same passphrase again: [Pess enter key]
- Your identification has been saved in /home/jsmith/.ssh/id_rsa.
- Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
- The key fingerprint is:
- 33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9 jsmith@local-host
- jsmith@local-host$ ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
- jsmith@remote-host's password:
- Now try logging into the machine, with "ssh 'remote-host'", and check in:
- .ssh/authorized_keys
- to make sure we haven't added extra keys that you weren't expecting.
注意: ssh-copy-id 将key写到远程机器的 ~/ .ssh/authorized_key.文件中
第三步: 登录到远程机器不用输入密码- jsmith@local-host$ ssh remote-host
- Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2
- [Note: SSH did not ask for password.]
- jsmith@remote-host$ [Note: You are on remote-host here]
常见问题:
- ssh-copy-id -u eucalyptus -i ~eucalyptus/.ssh/id_rsa.pub eucalyptus@remote_host
上述是给eucalyptus用户赋予无密码登陆的权利
[1]
- /usr/bin/ssh-copy-id: ERROR: No identities found
使用选项 -i ,当没有值传递的时候或者 如果 ~/.ssh/identity.pub 文件不可访问(不存在), ssh-copy-id 将显示上述的错误信息 ( -i选项会优先使用将ssh-add -L的内容)
- jsmith@local-host$ ssh-agent $SHELL
- jsmith@local-host$ ssh-add -L
- The agent has no identities.
- jsmith@local-host$ ssh-add
- Identity added: /home/jsmith/.ssh/id_rsa (/home/jsmith/.ssh/id_rsa)
- jsmith@local-host$ ssh-add -L
- ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsJIEILxftj8aSxMa3d8t6JvM79DyBV
- aHrtPhTYpq7kIEMUNzApnyxsHpH1tQ/Ow== /home/jsmith/.ssh/id_rsa
- jsmith@local-host$ ssh-copy-id -i remote-host
- jsmith@remote-host's password:
- Now try logging into the machine, with "ssh 'remote-host'", and check in:
- .ssh/authorized_keys
- to make sure we haven't added extra keys that you weren't expecting.
- [Note: This has added the key displayed by ssh-add -L]
[2] ssh-copy-id应注意的三个小地方
- Default public key: ssh-copy-id uses ~/.ssh/identity.pub as the default public key file (i.e when no value is passed to option -i). Instead, I wish it uses id_dsa.pub, or id_rsa.pub, or identity.pub as default keys. i.e If any one of them exist, it should copy that to the remote-host. If two or three of them exist, it should copy identity.pub as default.
- The agent has no identities: When the ssh-agent is running and the ssh-add -L returns “The agent has no identities” (i.e no keys are added to the ssh-agent), the ssh-copy-id will still copy the message “The agent has no identities” to the remote-host’s authorized_keys entry.
- Duplicate entry in authorized_keys: I wish ssh-copy-id validates duplicate entry on the remote-host’s authorized_keys. If you execute ssh-copy-id multiple times on the local-host, it will keep appending the same key on the remote-host’s authorized_keys file without checking for duplicates. Even with duplicate entries everything works as expected. But, I would like to have my authorized_keys file clutter free.
相关推荐
使用`ssh-copy-id`命令或者手动复制的方式将公钥上传到远程主机: ``` [root@localhost ~]# ssh-copy-id user@remote-host ``` 这里`user`为远程主机上的用户名,`remote-host`为远程主机的IP地址或域名。首次...
使用ssh-copy-id命令将公钥添加到authorized_keys文件: ssh-copy-id root@node2 这将将公钥添加到node2服务器的authorized_keys文件中。 四、重启SSH服务 重启SSH服务以应用新的配置: service sshd restart ...
可以使用`ssh-copy-id`命令简化此过程,例如:`ssh-copy-id user@remote_host`,这将把当前用户的公钥添加到`remote_host`的`authorized_keys`文件。 3. 配置known_hosts:每次将公钥复制到新服务器时,SSH客户端...
使用ssh-copy-id命令将公钥分发到远程服务器上,命令语法为`ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.231.129`。 三、无密码登录 在公钥分发完成后,A机器可以无密码登录到B机器和C机器上。使用ssh命令...
- 使用`ssh-keygen2 -t dsa -P ''`命令,其中`-P ''`表示不设置密码,这将创建一个私钥文件`id_dsa_2048_a`和一个公钥文件`id_dsa_2048_a.pub`。 3. **生成identification文件**: - 使用命令`echo "IdKey id_dsa_...
首先,确保`ssh-keygen`和`ssh-copy-id`这两个工具已经安装。在CentOS 7上,可以通过`yum`命令安装: ```bash # 安装ssh-keygen sudo yum install -y ssh-keygen # 安装ssh-copy-id sudo yum install -y ssh-copy-...
`ssh-copy-id`命令是SSH的一部分,用于将本地的公钥复制到远程主机的`~/.ssh/authorized_keys`文件中,从而实现免密登录。本文将详细讲解如何使用shell脚本来批量执行`ssh-copy-id`,以提高效率。 ### 需求 批量...
Linux SSH key 是一种常用的身份验证方式,通过生成公钥和私钥来实现无密码登录远程 Linux 主机。本文将详细介绍如何在 Linux 和 Windows 平台上生成和使用 SSH key。 一、Linux 平台上生成和使用 SSH key 1. 生成...
使用`ssh-copy-id`命令将公钥复制到远程服务器,以便服务器知道你是谁,无需输入密码: ```bash ssh-copy-id -i ~/.ssh/id_rsa.pub user@remote_host ``` 这里,`user`是远程主机的用户名,`remote_host`是远程...
### SSH-SCP使用方法详解 ...通过以上步骤,我们可以实现SSH-SCP的免密码文件传输,这对于自动化运维和批量操作来说是非常有用的。同时,掌握SCP命令的各种选项可以帮助我们更加灵活高效地管理文件系统。
3. **配置SSH免密登录**:首先,在本地生成RSA密钥对,使用`ssh-keygen`命令,通常默认生成的文件是`id_rsa`(私钥)和`id_rsa.pub`(公钥)。然后,将`id_rsa.pub`中的内容追加到远程服务器的`~/.ssh/authorized_...
Publish Over SSH插件使用 在使用Publish Over SSH之前,需要制作SSH私钥。机器间做免密登录配置。...ssh-copy-id 192.168.BB.BBB 验证方式是:在A机器上执行ssh 192.168.BB.BBB,然后执行ifconfig
ssh-copy-id user@remote_host ``` 5.3 配置SSH服务器 编辑远程服务器的`/etc/ssh/sshd_config`文件,确保以下设置: - `PasswordAuthentication no`:禁用密码登录 - `PermitRootLogin no`:禁止root用户通过SSH...
在SSH中,`ssh-keygen`是一个用于生成公钥和私钥对的工具,这是实现无密码登录的关键。本篇文章将详细讲解如何通过`ssh-keygen`配置免输入密码登录远程主机。 首先,我们需要在本地主机上生成SSH密钥对。在本地主机...
我们可以使用ssh-copy-id命令将公钥追加到authorized_keys文件中。 5. 最后,我们需要将authorized_keys文件复制到每台机器的.ssh目录下。这一步骤将确保每台机器都可以免密登录到其他机器。 在实现ssh免密登录的...
Linux操作系统中的SSH服务,默认使用OpenSSH套件,可实现安全的无密码登录,方便管理员进行管理和维护。 无密码登录是通过SSH密钥认证来实现的,通常涉及两个密钥:私钥(id_rsa)和公钥(id_rsa.pub)。公钥需要被...
你可以使用`cat`命令查看公钥内容,然后手动复制,或者使用`ssh-copy-id`命令直接复制: ```bash cat ~/.ssh/id_rsa.pub # 或者 ssh-copy-id -i ~/.ssh/id_rsa.pub user@target_host ``` 在这个例子中,目标机器的...
[root@hadoop1 sbin]# ssh-copy-id hadoop1 /usr/bin/ssh-copy-id: ERROR: failed to open ID file '/root/.pub': 没有那个文件或目录 (to install the contents of '/root/.pub' anyway, look at the -f option) ...
根据提供的文件信息,本文将详细解释如何通过SSH使用密钥对实现无密码登录Solaris操作系统。这种方法同样适用于RedHat和Linux等系统。 ### 关键词理解 - **SSH**: Secure Shell,一种网络协议,用于计算机之间的...