两台linux之间建立信任关系,实现免密码远程登录或数据上传
1、执行ssh-keygen命令,生成建立安全信任关系的证书:
linux1上:执行命令 ssh-keygen -t rsa
在程序提示输入时的单个地方都直接回车(无证书密码)
[shenping@192.168.2.1:.ssh]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/shenping/.ssh/id_rsa): #直接回车
Enter passphrase (empty for no passphrase): #直接回车
Enter same passphrase again: #直接回车
Your identification has been saved in /home/shenping/.ssh/id_rsa.
Your public key has been saved in /home/shenping/.ssh/id_rsa.pub.
The key fingerprint is:
::3f::::9c:0a:5d:::4e:f6:3d:f7:aa shenping@192.168.2.1
The key's randomart image is:
+--[ RSA ]----+
| .. =*B.|
| .....O .|
| o .+= o.|
| o .....+|
| . S +|
| . .|
| . |
| . |
| E. |
+-----------------+
上述命令将生成私钥证书id_rsa和公钥证书id_rsa.pub,存放在用户家目录的.ssh子目录中。
2. 使用scp 将刚才生成的linux1上的id_rsa.pub 文件上传到linux2的相同用户家目录的.ssh子目录中
在linux1上执行命令:
[shenping@192.168.2.1:.ssh]$ scp -P /home/shenping/.ssh/id_rsa.pub shenping@192.168.2.2:/home/shenping/.ssh
shenping@192.168.2.1's password:
id_rsa.pub % .4KB/s :
3、在linux2上 把id_rsa.pub内容添加到/.ssh/authorized_keys 中,执行如下命令:
[shenping@192.168.2.2:.ssh]$ cat id_rsa.pub >authorized_keys
至此linux1的用户shenping 就跟linux2的用户shenping建立了信任关系。
效果如下:
在linux1 上执行如下命令:
[shenping@192.168.2.1:.ssh]$ ssh -p shenping@192.168.2.2
Last login: Wed Nov :: from sglvwebs04.rmz.gomo.com
[shenping@192.168.2.2:~]$
不在需要密码即可远程登录