Linux之間ssh免密碼登陸

1、生成公私鑰對

$ ssh-keygen -t rsa -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
88:64:ed:a1:a7:a2:c0:b4:ee:77:38:2f:c7:39:c6:c1 root@QA-5-45
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|     .           |
|    o o          |
|   o + o         |
| .  + + S        |
|o .  E           |
|.o. = o          |
|o. * O           |
|oo. B..          |
+-----------------+
 -P phrase   Provide old passphrase. 這個是指使用私鑰的密碼
 -t type     Specify type of key to create. 這個是建立公私鑰的類型
 
$ ll .ssh/
total 8
-rw-------. 1 root root 1675 Sep  6 04:12 id_rsa
-rw-r--r--. 1 root root  394 Sep  6 04:12 id_rsa.pub

2、複製公鑰到免密碼登陸的機器

$ ssh-copy-id root@172.17.5.46
The authenticity of host '172.17.5.46 (172.17.5.46)' can't be established.
RSA key fingerprint is 8e:ac:89:5d:10:be:e7:d8:a2:34:0b:bf:70:cd:ce:33.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.5.46' (RSA) to the list of known hosts.
root@172.17.5.46's password: 
Now try logging into the machine, with "ssh 'root@172.17.5.46'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

免登陸機器上：

$ ll .ssh/
total 4
-rw-------. 1 root root 394 Sep  6 04:16 authorized_keys

3、測試

# ssh 172.17.5.46
Last login: Sun Sep  6 04:06:43 2015 from 172.17.5.45
[root@node2 ~]#

成功免密碼登陸。

4、結論

1. 免密碼登陸不用再每次都輸入密碼，方便了許多；

2. rsync也可使用ssh認證在linux服務器之間免密碼傳輸文件；

3. 最好別配置root用戶的免密碼登陸