测试机1: 172.16.1.3测试机2: 172.16.1.4
在测试机1上执行下面的命令,然后按照提示执行#sh-keygen -t rsaGenerating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa):Enter passphrase (empty for no passphrase):Enter same passphrase again:Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:2a:7b:e5:06:ac:73:5f:c5:bd:95:37:4c:5a:77:88:25 root@test1The key's randomart image is:+--[ RSA 2048]----+| E . || + . || . .oo|| . .= +|| . S o..+o|| o.. . oo|| ...+ . . || ooo o. || .+ o. |+-----------------+[root@test1 .ssh]# ls \\\ 检查生成的文件id_rsa id_rsa.pub[root@test1 .ssh]# ssh-copy-id -i id_rsa.pub root@172.16.1.4 \\\ 将密钥拷贝到test2上Warning: Permanently added '172.16.1.4' (RSA) to the list of known hosts.root@172.16.1.4's password:Now try logging into the machine, with 'ssh 'root@172.16.1.4'', and check in:.ssh/authorized_keysto make sure we haven't added extra keys that you weren't expecting.在测试机2上执行上面同样步骤
验证结果在测试机2上ssh 登录测试机1# ssh root@172.16.1.3The authenticity of host '172.16.1.3 (172.16.1.3)' can't be established.RSA key fingerprint is fa:1d:0b:91:86:11:76:3a:06:fa:94:e1:ea:bc:c7:f9.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added '172.16.1.3' (RSA) to the list of known hosts.root@172.16.1.3's password: \\\第一次需要输入密码Last login: Thu May 2 16:28:47 2014 from test2[root@test1 ~]# ifconfig eth0eth0 Link encap:Ethernet HWaddr 00:0C:29:54:82:19inet addr:172.16.1.3 Bcast:172.16.1.127 Mask:255.255.255.0inet6 addr: fe80::20c:29ff:fe54:8219/64 Scope:LinkUP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1RX packets:15753998 errors:4 dropped:71 overruns:0 frame:0TX packets:115445 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:1000RX bytes:1 (1018.6 MiB) TX bytes:20615551 (19.6 MiB)Interrupt:18 Base address:0x2000
[root@test1 ~]# ssh root@172.16.1.4The authenticity of host '172.16.1.4 (172.16.1.4)' can't be established.RSA key fingerprint is fa:1d:0b:91:86:11:76:3a:06:fa:94:e1:ea:bc:c7:f9.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added '172.16.1.4' (RSA) to the list of known hosts.root@172.16.1.4's password: \\\第一次需要输入密码Last login: Thu May 2 17:04:45 2014 from test1[root@test2 ~]# logout[root@test1 ~]# ssh root@172.16.1.4Last login: Thu May 2 17:07:53 2014 from test2[root@test2 ~]#
经上述验证,均无误,之后便可不用密码登录了!不过线上环境不建议用这种方法!!!