Address: http://hi.baidu.com/edeed/item/13842c2523a2ae0977272c6d
For example, if you want to log on to the 192.168.41.76 server as a root user without entering the user password.
1) create a public key and a private key on 192.168.41.76
[192.168.41.76] # ssh-keygen-T RSA
Generating public/private RSA key pair.
Enter file in which to save the key (//. Ssh/id_rsa): // Press enter. The default location is. Ssh/id_rsa.
Enter passphrase (empty for no passphrase): // press enter without a password
Enter same passphrase again: // press enter without a password
Your identification has been saved in //. Ssh/id_rsa.
Your public key has been saved in //. Ssh/id_rsa.pub.
The key fingerprint is:
F3: 66: 3D: 23: 9f: Cf: 78: 0b: F8: 58: 8f: 3D: EE: BA: 55: 99 root @ dw_test1
[192.168.41.76] # LL ~ /. SSH
-RW ------- 1 Root 883 Jun 30 14:25 id_rsa
-RW-r -- 1 Root 221 Jun 30 14:25 id_rsa.pub
Note:
-T rsa indicates that SSH generates an RSA key, which is the default behavior. you can also generate a DSA-type key. view. two files are added to the SSH folder. id_rsa is the private key and id_rsa.pub is the public key.
2) check whether there is ~ On 192.168.41.75 ~ /. Ssh directory, create first
[192.168.41.75] # LL ~ /. SSH
[192.168.41.75] # mkdir ~ /. SSH
3) Use SCP on 192.168.41.76 to copy the Public Key id_rsa.pub to 192.168.41.75.
[192.168.41.76] # SCP ~ /. Ssh/id_rsa.pub root@192.168.41.75 :~ /
Root@192.168.41.75's password: // enter the remote server root login password
4) append the id_rsa.pub content to the corresponding user's ~ /. Ssh/authorized_keys file, and delete the id_rsa.pub File
[192.168.41.75] # Cat ~ /Id_rsa.pub> ~ /. Ssh/authorized_keys
[192.168.41.75] # rm-F id_rsa.pub
5) in this way, you can log on to 192.168.41.75 as a root user without entering the password. A known_hosts file is also added.
[192.168.41.76] # SSH 192.168.41.75
[192.168.41.76] # LL ~ /. SSH
-RW-r -- 1 Root 221 14:25:32. 000000000 + 0800 id_rsa.pub
-RW ------- 1 Root 883 14:25:32. 000000000 + 0800 id_rsa
-RW-r -- 1 Root 223 14:30:26. 000000000 + 0800 known_hosts
6) Note
. The SSH directory permission must be 0700 ,. the SSH/authorized_keys File Permission must be 0600; otherwise, public key authentication will not take effect. if you want to directly access other users of 192.168.41.75, You need to append the public key to the authorized_keys file of another user.
-- End --
# Linux