当你要从ip:192.168.0.253的linux scp 数据到ip:192.168.0.252这台linux上时,往往需要输入192.168.0.252的密码,自动拷贝的时候很是麻烦,下面是ssh认证拷数据的方法:
在192.168.0.253上生成一对密钥:
[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
将/root/.ssh/id_rsa.pub这个文件copy到192.168.0.252的/root/.ssh/里面,并且改名为authorized_keys:
scp /root/.ssh/id_rsa.pub root@192.168.0.252:/root/.ssh/authorized_keys(如果192.168.0.252上没有.ssh目录,可以自行创建一个).
这样就可以从192.168.0.253传数据到192.168.0.252上(无需输入密码).
自己是这样理解的:
192.168.0.253生成一对密钥:私有密钥和公有密钥.他把公有密钥发给192.168.0.252.
当192.168.0.253要向192.168.0.252传数据时.253给数据加密并签名并传送给192.168.0.252.
192.168.0.252接到数据之后对,验证数据的签名,解密数据并完成ssh的认证机制.从而无需输入252密码直接scp到192.168.0.252上面.
如果有理解不对的地方请多多指教!!
阅读(1506) | 评论(0) | 转发(1) |