实验环境1:服务器A连接B不用密码 服务器B(192.168.196.34)
在A上ssh-keygen生成公钥,私钥。ssh-keygen -t [ras|dsa]
(rsa适用ssh version 1和ssh version 2,dsa适用ssh version 2)
在A上ssh-copy-id将公钥传给B:
ssh-copy-id -i /root/.ssh/id_dsa.pub 192.168.196.34
输入B机密码。可以ssh 192.168.196.34进去了。
实验环境2:服务器A连接B不用密码 服务器B(192.168.101.85)ssh端口改成20100
在A上ssh-keygen生成公钥,私钥。
ssh-copy-id -i /root/.ssh/id_dsa.pub 192.168.101.85
提示错误:
15
ssh: connect to host 192.168.101.85 port 22: Connection refused网上查找,sky-copy-id不支持非22端口,修改sky-copy-id为(先将以前的sky-copy-id备份下):
#!/bin/sh
# Shell script to install your identity.pub on a remote machine
# Takes the remote machine name as an argument.
# Obviously, the remote machine must accept password authentication,
# or one of the other keys in your ssh-agent, for this to work.
ID_FILE="${HOME}/.ssh/identity.pub"
while getopts ':i:p:P:h' OPTION
do
case $OPTION in
i)
if [ -n "$OPTARG" ]; then
if expr "$OPTARG" : ".*.pub" > /dev/null ; then
ID_FILE="$OPTARG"
else
ID_FILE="$OPTARG.pub"
fi
fi
;;
P|p)
PORT=$OPTARG;
;;
h)
echo "Usage: $0 [-i [identity_file]] [user@]machine" >&2
exit 1
;;
esac;
done;
shift $(($OPTIND - 1))
if [ $# -lt 1 ] && [ x$SSH_AUTH_SOCK != x ] ; then
GET_ID="$GET_ID ssh-add -L"
fi
if [ -z "`eval $GET_ID`" ] && [ -r "${ID_FILE}" ] ; then
GET_ID="cat ${ID_FILE}"
fi
if [ -z "`eval $GET_ID`" ]; then
echo "$0: ERROR: No identities found" >&2
exit 1
fi
if [ -z $PORT ]; then
PORTOPTION=""
else
PORTOPTION="-p $PORT "
fi;
{ eval "$GET_ID" ; } | ssh $PORTOPTION $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys" || exit 1
cat <Now try logging into the machine, with "ssh $PORTOPTION'$1'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
EOF
(http://blog.vieth.biz/2009/03/23/ssh-copy-id-with-port/)
现在ok了:
ssh-copy-id -i .ssh/id_rsa.pub -p20100 192.168.101.85
输入密码完成公钥传输。
ssh -p 20100 192.168.101.85 可以直接登入
以后有内容再加上。
阅读(937) | 评论(0) | 转发(0) |
