一、使用公钥远程登录ssh服务器方式
1.1 在客户端使用ssh-keygen 生成密匙
steven:~ admin$ ssh-keygen //客户端生成秘钥
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/admin/.ssh/id_rsa):
Enter passphrase (empty for no passphrase): //直接回车 不输入密码
Enter same passphrase again: //回车
Your identification has been saved in /Users/admin/.ssh/id_rsa.
Your public key has been saved in /Users/admin/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:SB3UMdOY71AEGnsjlLRPMkdxCTjrUR07pXbUAkBQ9I8 admin@steven.local
The key's randomart image is:
+---[RSA 2048]----+
| oBO&%=+o. |
| o+B====. .|
| . O+=o* .. |
| . .oO.o.= |
| ..S..oE . |
| . . |
| |
| |
| |
+----[SHA256]-----+
steven:.ssh admin$ ls /Users/admin/.ssh/
id_dsa id_dsa.pub id_rsa id_rsa.pub known_hosts 带.pub的就是公钥的文件
1.2 发布公钥,使用ssh-copy-id 命令将客户端生成的公钥发布到服务器地址上,并使用-i参数指定公钥的存放位置。
steven:.ssh admin$ ssh-copy-id -i /Users/admin/.ssh/id_rsa.pub root@120.0.1.300 -p**0,有端口号的要指定端口号
steven:.ssh admin$ ssh-copy-id -i /Users/admin/.ssh/id_rsa.pub root@***.*.*.**4 -p3***
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/admin/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@*.*.**.*'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh -p '***' 'root@***'"
and check to make sure that only the key(s) you wanted were added.
1.3 登录服务器
steven:~ admin$ ssh root@**.**.** -p**
Last login: Fri Nov 2 22:13:41 2018 from 10.0.5.172
警告⚠️ 你所有的操作将被记录
[root@localhost ~]# //登录成功
//配对成功后,服务器生成文件/root/.ssh/authorized_keys,如果是普通用户,则在/home/用户名/.ssh/authorized_keys里面.
[root@localhost .ssh]# cat /root/.ssh/authorized_keys