Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1203841
  • 博文数量: 181
  • 博客积分: 6155
  • 博客等级: 准将
  • 技术积分: 1805
  • 用 户 组: 普通用户
  • 注册时间: 2008-08-05 09:24
文章分类

全部博文(181)

文章存档

2015年(2)

2014年(3)

2013年(9)

2012年(29)

2011年(30)

2010年(36)

2009年(40)

2008年(32)

分类: LINUX

2009-08-18 11:22:07

网上找了半天,都不够简单明了,我自己总结以下:

把你的本地主机用户的ssh公匙文件写入到远程主机用户的~/.ssh/authorized_keys文件中,具体方法

假设本地主机localhost,远程主机remote

一,在localhost主机里的用户

运行ssh-keygen -t rsa

结果如下

Generating public/private rsa key pair.

Enter file in which to save the key (/home/.username/ssh/id_rsa):#回车

Enter passphrase (empty for no passphrase):#回车

Enter same passphrase again:#回车

Your identification has been saved in /home/.username /.ssh/id_rsa.

Your public key has been saved in /home/.username /.ssh/id_rsa.pub.

The key fingerprint is:

38:25:c1:4d:5d:d3:89:bb:46:67:bf:52:af:c3:17:0c username@localhost

Generating RSA keys:

Key generation complete.

会在用户目录~/.ssh/产生两个文件,id_rsa,id_rsa.pub

步骤如下:

ssh-keygen -t rsa或ssh-keygen -d (dsa) =>产生出id_rsa, id_rsa.pub
scp id_rsa.pub server_hostname:~/.ssh/
ssh server_hostname
cat .ssh/id_rsa.pub >> .ssh/authorized_keys即可(追加)

这样子就可以key认证登入,不需输入密码.

二,把id_rsa.pub文件拷贝到remote主机的用户目录下

cat id_rsa.pub >> ~/.ssh/authorized_keys

就可以了

这样localhost主机的用户就可以通过ssh而不用密码登陆remote主机

在测试当中发现经常出现以下错误:
@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
1f:a3:2b:b5:27:0c:5c:7b:89:27:ff:ab:cd:ba:31:66.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:6
RSA host key for 60.28.15.234 has changed and you have requested strict checking.
Host key verification failed.

解决办法是把known_hosts文件删掉就可以了

三、PS:gen时会问Enter passphrase (empty for no passphrase):

此处直接enter跳过,下次才不会询问password

简单解说一下:

id_rsa: private key
id_rsa.pub: public key

将public key(id_rsa.pub)拷贝到远端的电脑后,加到那user的.ssh/authorized_keys中.

之后连线时,就会用本机的private key(id_rsa)与远端电脑的public key(authorized_keys)做认证,确认完成就可以直接登入,不需输入帐号密码,而且也比较安全.
阅读(1572) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~