SSH通过密钥登录服务器，无须输入登录密码

SSH通过密钥登录服务器，无须输入登录密码


客户端 tech100，
服务器端 www.***.com

[simonsun@tech100 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/simonsun/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/simonsun/.ssh/id_rsa.
Your public key has been saved in /home/simonsun/.ssh/id_rsa.pub.
The key fingerprint is:
.......................................... simonsun@tech100
[simonsun@tech100 ~]$ ssh -p 22 usr@www.***.com "mkdir /home/usr/.ssh;chmod u+rwx /home/usr/.ssh -Rf"
usr@www.***.com's password:
[simonsun@tech100 ~]$ scp -P 22 .ssh/id_rsa.pub usr@www.***.com:/home/usr/.ssh/
usr@www.***.com's password:

－－－－－－－－－－－以上是在客户端机器上完成生成公钥和密钥，并拷贝公钥到目标服务器端。

[simonsun@tech100 ~]$ ssh -p 22 usr@www.***.com
usr@www.***.com's password:
Last login: Tue Jul  6 14:54:28 2010 from  ***.***.**.**
[usr@target ~]# touch .ssh/authorized_keys
[usr@target ~]# ll .ssh/
total 12
-rw-r--r-- 1 usr usr   0 Jul  6 15:00 authorized_keys
-rw-r--r-- 1 usr usr 398 Jul  6 14:58 id_rsa.pub
[usr@target ~]# cat .ssh/id_rsa.pub >> .ssh/authorized_keys
[usr@target ~]# ll .ssh/
total 16
-rw-r--r-- 1 usr usr 398 Jul  6 15:00 authorized_keys
-rw-r--r-- 1 usr usr 398 Jul  6 14:58 id_rsa.pub
[usr@target ~]# exit
logout
Connection to www.***.com closed.
－－－－－－－－－－－以上是把刚才上传的公钥id_rsa.pub追加到.ssh/authorized_keys中，若有新的客户端仍可以把客户端生成的公钥都追加到 authorized_keys中。

[simonsun@tech100 ~]$ ssh -p 22 usr@www.***.com
Last login: Tue Jul  6 15:01:32 2010 from ***.***.**.**
[usr@target ~]# ls /
bin  boot  dev  etc  home  lib  lib64  lost+found  media  misc  mnt  net  opt  proc  usr  sbin  selinux  srv  sys  tmp  usr  var

－－－－－－－－－－－这样就达到通过密钥登录服务器，无须输入登录密码了。


参考连接：http://surpass-li.iteye.com/blog/161302

 

另如果用了非22端口，需要额外处理：http://shellfish.iteye.com/blog/711074

 

常见问题，保证在服务器端，authorized_keys能被other用户读取到，否则会提示输入密码，仍不能自动登录，如：

[usr@target ~]$ ll .ssh/
总计 4
-rw----r-- 1 usr usr 610 12-05 10:11 authorized_keys