创建证书:

[root@lnmp src]# ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase): #这里设入密码123456

Enter same passphrase again: #再次输入密码123456

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

:e2::f5::::d1:::::e1::bd:c5 root@lnmp

The key's randomart image is:

+--[ RSA ]----+

|    .+**.        |

|   +ooo+.        |

|  o.= E          |

|   = * o .       |

|  o o o S        |

|   .   o         |

|                 |

|                 |

|                 |

+-----------------+

这一步里,系统将自动生成一个公钥(public key)并保存在/home/root/.ssh/id_rsa.pub这个文件里。

[root@lnmp src]# ls /root/.ssh/id_rsa.pub

/root/.ssh/id_rsa.pub

看一下里面的内容:

[root@lnmp src]# cat /root/.ssh/id_rsa.pub

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApcgmdimrk/4Jios2x4lhOuRuP2LWcAcydTOicDqIyRo8jMgH0X8om5nXU/rYan+nZN/9CNsy7OvpRWUDIiaDA3vPluAfdRZjS9mmaDhz4XrvhLU5NLCzCg30oOJj7dHTNSfx5T5cdpIY5fQqAnvDotCxeNXe5L7qf8pW8GQvhl3tjr3NMvQrTHle0MJ3OIn6sW6tH8Szc0T1Ctsny6wQqqrwd+DG+5PW27feM9pPNoKsLKxS8jBM3pYcXbgmlPD0OqCIMl7Up26ELQEfdddj2A1zdJFSXd4bji+I9CTwx2Rqb+d3K0JUs9l12KLDK6vSf4IpUi0ju+/800Fejawhbw== root@lnmp

我们把公钥(public key)复制到远程机器上面去:

[root@lnmp src]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.1.12

The authenticity of host '192.168.1.12 (192.168.1.12)' can't be established.

RSA key fingerprint is 5e:5b:d3::cd::::a1::f2:ed:9c:ac::.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.1.12' (RSA) to the list of known hosts.

root@192.168.1.12's password: #输入192.168.1.12的登录密码

Now try logging into the machine, with "ssh 'root@192.168.1.12'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

注意ssh-copy-id将key写到远程机器的~/.ssh/authorized_key文件中:

[root@ok ~]# ls ~/.ssh/authorized_keys

/root/.ssh/authorized_keys

[root@ok ~]# cat ~/.ssh/authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApcgmdimrk/4Jios2x4lhOuRuP2LWcAcydTOicDqIyRo8jMgH0X8om5nXU/rYan+nZN/9CNsy7OvpRWUDIiaDA3vPluAfdRZjS9mmaDhz4XrvhLU5NLCzCg30oOJj7dHTNSfx5T5cdpIY5fQqAnvDotCxeNXe5L7qf8pW8GQvhl3tjr3NMvQrTHle0MJ3OIn6sW6tH8Szc0T1Ctsny6wQqqrwd+DG+5PW27feM9pPNoKsLKxS8jBM3pYcXbgmlPD0OqCIMl7Up26ELQEfdddj2A1zdJFSXd4bji+I9CTwx2Rqb+d3K0JUs9l12KLDK6vSf4IpUi0ju+/800Fejawhbw== root@lnmp

登录远程机器192.168.1.12就不需要密码了。

[root@lnmp src]# ssh 192.168.1.12

Enter passphrase for key '/root/.ssh/id_rsa': #输入刚才生成公钥的时候,设的密码123456如果当时没设的话就是空!!!

Last login: Sun Sep  ::  from 192.168.1.103

=============================================================================

上面的测试还没真正实现无密码登录,下面从新做一边:

删除上面生成的公钥和远程机上的私钥:

root@lnmp .ssh]# ls

id_rsa  id_rsa.pub  known_hosts

[root@lnmp .ssh]# rm id_rsa

rm: remove regular file `id_rsa'? y

删除远程机上的私钥:

[root@ok .ssh]# ls

authorized_keys  known_hosts  known_hosts.bak

[root@ok .ssh]# rm authorized_keys

rm: remove regular file `authorized_keys'? y

重新生成公钥:

[root@lnmp .ssh]# rm id_rsa

rm: remove regular file `id_rsa'? y

[root@lnmp .ssh]# cd

[root@lnmp ~]# ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase): #这里是空的话,就真正实现了,无需输入密码,登录远程主机

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

c9:fe::6a:7c:e1:2a:ba:aa:6e:2c:f0:ee::7d:af root@lnmp

The key's randomart image is:

+--[ RSA ]----+

|                 |

|                 |

|                 |

|       . .       |

|        S        |

|.      .  .      |

|o+     ...o.     |

|oo+ . . o=o      |

|==++E=.ooo.      |

+-----------------+

[root@lnmp ~]# ls ~/.ssh/

id_rsa       id_rsa.pub   known_hosts

[root@lnmp ~]# ls ~/.ssh/id_rsa

/root/.ssh/id_rsa

[root@lnmp ~]# cat ~/.ssh/id_rsa

-----BEGIN RSA PRIVATE KEY-----

MIIEoQIBAAKCAQEAxtlnozvT2OxoTS6XARo25G0moRaDvx7IQoMqMGpLYkN1z3vt

gPWWYBj9aLh1a6Y5ziWuYV7oKnHmGa6qAjYlHv6v3/Z2qwzvJ9nEiqEaEesHWspU

Ir5h7hdLf21b569zbRrQf+myqSByuOUjfLaaJiMWIqKHxaKGwNwK5T0pKR5kkIVJ

I2N1nhEXi+i8yP67qsRtfr7S3ofwbmgmnjT5Ly1wq09dOymAz3xeeriQ3Ke3G+Lh

C6qEj4oFfIu95r/jPqnIGxKRJGa15tbmLn1JSBEkl0OhMSA2FfjJQqH3PAfd2J/U

MduLNBEzCWcoTIGbDjNDUmTbO9mx5Kk3uRyFCQIBIwKCAQBr8lzU9JeTA/4bRS1m

/5okO0DbGtnOJqc6DLCArrs1V9I9bykov9VKHDHLIk5fAncmw/+T8bE7nOqgOj8I

g8sCMny7aImQDlXxD9EYDk/7GS/g1DxNYAlGvDBMfTHkLAt1vhlqAoWPAvxzAAvz

Po4x9cowDxaBOvix1omSYwe3O2xBQ9c7W4RXMdArzFQluC16gqtjt7DZnloNSbex

gXDAsKCn62NFuiUTRz2+3B5j4/ryE7vljmZbx482yAsVMAg9ZpvfRfoFqafJ9+IG

YUySna/hD5SfZJPd3W4anmuLsRqUiA7RTv9OEvddVYDFn5yL0uo53qoYuLwicxQr

+qwLAoGBAPm2cvvsKXXl8S2jL0AXMJ27lHmgeVhcOwYW0d0Iw5wRkUt2UNcj3fqd

OLjb5Ee8ZQbFPMqAUOHexgaTziPZ4kYTqckVUymLM3nX+rcDjdzHb6P+UGyrZdB9

kYQ7O6VZz2egnHY93zYCt4+Ooy6XipCWjtr9C32OjEzUppd5lAHZAoGBAMvbHBGT

/TRa3xmYCzKHRPKUPz7jNngZ2F9nh8FOdXJ3SU4ancG/RXfLYhjuZzmQrDLpjzWu

lrA9l8Ey/EJEJtFbk9JqdGUi+rYhjNIsp/plEzycDGYcvcD/tGy7auoWycv9+0Ko

T901vXAEuq4t+XDUYz+Z552atbmoISo/XG6xAoGBAORPCgrmjE6JFwUne6hPt2uk

L/osUa/fS+hPYMoWpDbrfYbSkw3XpmF5zXXQW69NKSrC9cB1UUOJ2Z+dFD4JCWSk

Q3YE3lHeWvMOnBUKkFTTmUV6zTAnrYtrfbq50CImOfhYVIldI9mcFYqRCjk6GEmu

OXfCyK1PITBNZRzG7biLAoGAaNcVv+W1a2HvFHoUYyD+4yerf22JuhvrnseHpT5L

B6sPwcSLpXhPnLG9a+hSWB6EcfR1iVJ5YfPKY1wMtF2QTmmcetepkxlNvMDMFFF6

9c2U3VeRWRYYceKXTdy6pEY75UDKXMuWyYlaHFo0HxBUZemSILWNDzmfSYmqqANU

G6sCgYAr/Fom3TlFZ9RzYtMLVYeS0U0OZ7Lerrv/3hOtXgEc7frp3MFPEdCwvVI2

zSDPMx7Ts44OalQdIbDi9tdJJeCLCWY3TvLoi1O0blPhwi+uKwtDsPACfIZ+3MLi

zCUhHxkwjKxrvI6BmYPzOAazob10HWfLhppKtotiwH3BfudICg==

-----END RSA PRIVATE KEY-----

用ssh-copy-id将公钥复制到远程机器中:

[root@lnmp ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.1.12

root@192.168.1.12's password:

Now try logging into the machine, with "ssh 'root@192.168.1.12'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

查看远程主机上生成的私钥:

[root@ok ~]# cat ~/.ssh/authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxtlnozvT2OxoTS6XARo25G0moRaDvx7IQoMqMGpLYkN1z3vtgPWWYBj9aLh1a6Y5ziWuYV7oKnHmGa6qAjYlHv6v3/Z2qwzvJ9nEiqEaEesHWspUIr5h7hdLf21b569zbRrQf+myqSByuOUjfLaaJiMWIqKHxaKGwNwK5T0pKR5kkIVJI2N1nhEXi+i8yP67qsRtfr7S3ofwbmgmnjT5Ly1wq09dOymAz3xeeriQ3Ke3G+LhC6qEj4oFfIu95r/jPqnIGxKRJGa15tbmLn1JSBEkl0OhMSA2FfjJQqH3PAfd2J/UMduLNBEzCWcoTIGbDjNDUmTbO9mx5Kk3uRyFCQ== root@lnmp

成功实现无密码登录:

[root@lnmp ~]# ssh 192.168.1.12

Last login: Sun Sep  ::  from 192.168.1.105

特别注意一定要把私钥保管好,如果被其它的服务器得到,那么这台得到你的私钥的服务器将可以无密码豋录所有认证过的服务器!!!!!

linux下跳板机跟客户端之间无密码登陆的更多相关文章

  1. [fw]linux 下如何查看和踢除正在登陆的其它用户

    linux 下如何查看和踢除正在登陆的其它用户 Posted on 2011/09/01   如何在linux下查看当前登录的用户,并且踢掉你认为应该踢掉的用户?请使用who这个命令来查看当前正在登录 ...

  2. 使用rsync在linux(服务端)与windows(客户端)之间同步

    说明: 1.RsyncServer服务端 系统:CentOS 6.8 IP地址:192.168.247.141 2.Rsync客户端 系统:Windows10 实现目的: Rsync客户端同步服务端/ ...

  3. c++ 网络编程(一)TCP/UDP windows/linux 下入门级socket通信 客户端与服务端交互代码

    原文作者:aircraft 原文地址:https://www.cnblogs.com/DOMLX/p/9601511.html c++ 网络编程(一)TCP/UDP  入门级客户端与服务端交互代码 网 ...

  4. linux Jumpserver跳板机 /堡垒机详细部署

    关于跳板机/堡垒机的介绍: 跳板机的定义: 跳板机就是一台服务器,开发或运维人员在维护过程中首先要统一登录到这台服务器,然后再登录到目标设备进行维护和操作: 跳板机缺点: 没有实现对运维人员操作行为的 ...

  5. Linux下多进程服务端客户端模型一(单进程与多进程模型)

    本文将会简单介绍Linux下如何利用C库函数与系统调用编写一个完整的.初级可用的C-S模型. 一.基本模型: 1.1   首先服务器调用socket()函数建立一个套接字,然后bind()端口,开始l ...

  6. linux 下如何查看和踢除正在登陆的其它用户 ==>Linux下用于查看系统当前登录用户信息的4种方法

    在linux系统中用pkill命令踢出在线登录用户 由于linux服务器允许多用户登录,公司很多人知道密码,工作造成一定的障碍 所以需要有时踢出指定的用户 1/#who   查出当前有那些终端登录(用 ...

  7. [Linux]Linux下rsync服务器和客户端配置

    一.rsync简介 Rsync(remote sync)是UNIX及类UNIX平台下一款神奇的数据镜像备份软件,它不像FTP或其他文件传输服务那样需要进行全备份,Rsync可以根据数据的变化进行差异( ...

  8. linux下rsync+inotify实现服务器之间文件实时同步

    先介绍一下rsync与inotify. 1.rsync 与传统的cp.tar备份方式相比,rsync具有安全性高.备份迅速.支持增量备份等优点,通过rsync可以解决对实时性要求不高的数据备份需求,例 ...

  9. android在linux下刷机

    只需要下载相应的zip包,不需装什么手机助手. 1.下载相应zip包(ROM) http://download.mokeedev.com/ 比如我在上述网站下的魔趣的对应机型的ROM包. 2.linu ...

随机推荐

  1. 基于redis分布式缓存实现

    Redis的复制功能是完全建立在之前我们讨论过的基 于内存快照的持久化策略基础上的,也就是说无论你的持久化策略选择的是什么,只要用到了Redis的复制功能,就一定会有内存快照发生,那么首先要注意你 的 ...

  2. MySQL: Starting MySQL….. ERROR! The server quit without updating PID file解决办法

    MySQL: Starting MySQL….. ERROR! The server quit without updating PID file解决办法 1 问题 [root@localhost m ...

  3. Web Service 元数据注释(JSR 181)

    Web Service 元数据注释(JSR 181) @WebService 1.serviceName: 对外发布的服务名,指定 Web Service 的服务名称:wsdl:service.缺省值 ...

  4. pthread clean up

    https://www.ibm.com/developerworks/cn/linux/thread/posix_threadapi/part4/ http://www.cnblogs.com/xfi ...

  5. Linux2.6内核实现的是NPTL

    NPTL是一个1×1的线程模型,即一个线程对于一个操作系统的调度进程,优点是非常简单.而其他一些操作系统比如Solaris则是MxN的,M对应创建的线程数,N对应操作系统可以运行的实体.(N<M ...

  6. 文件系统:drbd主备服务器文件同步

    一. DRBD介绍 DRBD是一种块设备,可以被用于高可用(HA)之中.它类似于一个网络RAID-1功能.当你将数据写入本地 文件系统时,数据还将会被发送到网络中另一台主机上.以相同的形式记录在一个文 ...

  7. struts2 + ajax + json的结合使用,实例讲解

    struts2用response怎么将json值返回到页面javascript解析,这里介绍一个struts2与json整合后包的用法. 1.准备工作 ①ajax使用Jquery:jquery-1.4 ...

  8. [整理]iOS开发学习

    最近想趁着休假,花点时间了解下最新的iOS8下的新特性以及Swift语言(想大致了解下和Objective-C有了哪些改进和不同) 可以通过Chris Lattner:Swift 编程语言首席架构师初 ...

  9. linux 客户端 Socket 非阻塞connect编程

    开发测试环境:虚拟机CentOS,windows网络调试助手        非阻塞模式有3种用途        1.三次握手同时做其他的处理.connect要花一个往返时间完成,从几毫秒的局域网到几百 ...

  10. Xen虚拟机克隆实战

    导读 在我们使用Xen虚拟化的时候,会经常创建虚拟机(VM),每次安装创建步骤比较繁琐,本文介绍通过virt-clone命令克隆xen虚拟机实战. 查看virt-clone命令是否存在 rpm -qa ...