ssh-keygen 創建公鑰和密鑰。
ssh-copy-id 把本地主機的公鑰復制到遠程主機的authorized_keys文件上。
1: 用 ssh-key-gen 在本地主機上創建公鑰和密鑰
ubuntu01@ubuntu:~/.ssh$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/ubuntu01/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/ubuntu01/.ssh/id_rsa. Your public key has been saved in /home/ubuntu01/.ssh/id_rsa.pub. The key fingerprint is: 44:da:91:77:94:6f:11:c5:50:ac:6f:ad:b8:67:24:97 ubuntu01@ubuntu The key's randomart image is: +--[ RSA 2048]----+ | o. ...oBo| | +... o . o| | . o. . . o | | . + | | S . o.| | . E +| | = o | | . + | | .+ | +-----------------+2: 用 ssh-copy-id 把公鑰復制到遠程主機上
ubuntu01@ubuntu:~$ sudo ssh-copy-id -i .ssh/id_rsa.pub [email protected] The authenticity of host '192.168.159.130 (192.168.159.130)' can't be established. ECDSA key fingerprint is 53:9f:38:12:85:1e:ce:7c:f7:3d:ab:14:78:72:e0:cb. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.159.130' (ECDSA) to the list of known hosts. [email protected]'s password: Now try logging into the machine, with "ssh '[email protected]'", and check in: ~/.ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.3: 直接登錄遠程主機
ubuntu01@ubuntu:~/.ssh$ ssh localhost