/ 科技 / 999浏览

ssh 免密码登录

1、ssh-keygen生成公钥和私钥

cd /root/.ssh
ssh-keygen

直接三次回车,Linux会生成两个密钥:公钥和私钥

公钥文件:/root/.ssh/id_rsa.pub

私钥文件:/root/.ssh/id_rsa

2、查看生成的公钥和私钥

cd ~/.ssh/
ll
pwd
cat known_hosts
# 查看公钥
cat ~/.ssh/id_rsa.pub
# 查看私钥
cat ~/.ssh/id_rsa

3、将公钥发到其他主机上

语法:ssh-copy-id -i ~/.ssh/id_rsa.pub root@remote(远程ip)

注意:建议逐个主机执行,多台机器同时执行容易出错

ssh-copy-id -i ~/.ssh/id_rsa.pub root@cdh01
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cdh02
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cdh03
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cdh04
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cdh05
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cdh06

技巧:如果机器太多可以在一个机器执行完之后,再将此机器上的 /root/.ssh/authorized_keys 文件直接分发到其他机器

每台机器发送自己的公钥给其他机器,按回车键输入root用户密码即可 

4、给~/.ssh和authorized_keys赋予权限

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
cat authorized_keys

5、ssh 远程连接到各个节点

ssh cdh01
ssh cdh02
ssh cdh03
ssh cdh04
ssh cdh05
ssh cdh06

6、配置错误如何重新配置

(1)进入 ~/.ssh 目录,查看公钥配置

cd ~/.ssh/
ll
cat authorized_keys

 (2)直接删除~/.ssh目录下的所有文件,重新生成authorized_keys

rm -rf ~/.ssh/*
touch ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
cd ~/.ssh/

(3)如果还不行就直接把公钥文件的内容追加到authorized_keys中吧

# 本机执行
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
# 其他机器执行
cat ~/.ssh/id_rsa.pub
# 本机再拷贝上一条命令的公钥填到echo "" 
echo "" >> ~/.ssh/authorized_keys
scp ~/.ssh/authorized_keys root@cdh02:~/.ssh/authorized_keys
scp ~/.ssh/authorized_keys root@cdh03:~/.ssh/authorized_keys
scp ~/.ssh/authorized_keys root@cdh04:~/.ssh/authorized_keys
scp ~/.ssh/authorized_keys root@cdh05:~/.ssh/authorized_keys
scp ~/.ssh/authorized_keys root@cdh06:~/.ssh/authorized_keys

0

  1. This post has no comment yet

发表回复