遠程密鑰登陸

    當須要同時管理上前臺服務器的時候，若是挨個輸入密碼登陸服務器就會很麻煩。咱們能夠用linux自帶的ssh工具，設置密鑰免密碼登陸。

    實驗環境：機器A:192.168.241.128

              機器B:192.168.241.130

                  A機器上的操做

[root@1111 ~]# ssh-keygen           ###生成密鑰對

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

dc:17:23:8c:62:a4:37:ac:24:b4:8f:e6:3c:6a:ee:c5 root@1111

The key's randomart p_w_picpath is:

+--[ RSA 2048]----+

|  .   .          |

| . . +   o       |

|  o o * . o o    |

|   = + + . . o   |

|  o o   S . .    |

| +.        .     |

|  +E             |

| o..             |

|=o               |

+-----------------+

[root@1111 ~]# cat /root/.ssh/id_rsa.pub           #在相應目錄下找到公鑰，並複製其內容

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsrEF5lUYe7u1i5v7ObcXDhqf3kPU9gJBF32xj/npllye99L                                                            S6k6NA/+lbjtKWZtR5sxXD2PfYE0z8t4DZ04fjDqVh6lMNWSmTWVP7DYmRHzqySUfDcH8NStVCHVt7J4ntu                                                            7bfV4ixswdMTt+5nRgS71ILHJ46n+EPfjKzrHmXxed4a4FLRh7uqD+YGQdD7+wiZvAQTz2PogoucGNgaDSZ                                                            Ve44UC7SM6W0L2WgcZnP5XysUua33+dcqt1h+ZKwurR3RuYc0ptyjIP/leckoJ0A/YWgig86vzWLh4LbBfX                                                            KF7gtwqFjUb+8iyqDr9ARmBn2VSxIyHAAASZ45SzZxwNNQ== root@1111

                        B機器上的操做

[root@333 ~]# mkdir /root/.ssh

[root@333 ~]# vim /root/.ssh/authorized_keys 在該文件中粘貼剛剛複製的公鑰內容

[root@333 ~]# chmod 700  /root/.ssh

[root@333 ~]# chmod 600 /root/.ssh/authorized_keys

[root@333 ~]# iptables -F

[root@333 ~]# service iptables save

iptables：將防火牆規則保存到 /etc/sysconfig/iptables：     [肯定]

先暫時關閉selinux：

[root@333 ~]# setenforce 0

再永久性關閉：

[root@333 ~]# vim /etc/selinux/config

將SELINUX=enforcing改成

SELINUX=disabled

保存退出。

                        進行以上操做後，再回到A機器上，測試是否成功

[root@1111 ~]# ssh 192.168.241.130

The authenticity of host '192.168.241.130 (192.168.241.130)' can't be established.

RSA key fingerprint is c2:09:a3:28:ec:61:cf:25:e9:9b:23:93:cb:4c:47:3f.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.241.130' (RSA) to the list of known hosts.

Last login: Sun Sep 18 19:04:08 2016 from 192.168.241.128

[root@333 ~]# logout

Connection to 192.168.241.130 closed.

[root@1111 ~]# ssh 192.168.241.130

Last login: Sun Sep 18 19:11:35 2016 from 192.168.241.128

                          成功經過密鑰免密碼登陸