创建虚拟机后--
ssh-keygen 生成公钥和私钥对
-rw------- 1 root root 1679 11月 4 09:18 id_rsa
-rw-r--r-- 1 root root 395 11月 4 09:18 id_rsa.pub
id_rsa 里面是私钥信息 需要保存好.
id_rsa.pub 里面就是制作好的公钥
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnxrJDOsPI0XoE7WxzbmGa/i2O1/LW0iVRe3Qe+1iot0NP7VosV28YyeXAZkmgjTQaMszztMdYfjr34gs1YcL0qG8eHLbOy6dJiWInxSms5r9kASKi155i6ovtza6vHbmgXZmwYBD1Wrmc+zRTuGU+e7N8QNvWCTOKFYweL1QSLLduN/ghBXpNiM0lq8xx0GiDCbZIO3bz/ArVstmrS9KlLDu0epIvxPz37jZ0gOG1SF610QECPQorqP68/mtWXS+5Iie/FTXaCnnhacxzW0MSIT5PfIT8nsL5seQrg6bjxny8j5Yq/6oIEhC4KrsoqpSmi3L9cLqWPwONN1qlJ0ip root@centos01
后面有用户和机器名的信息
然后使用ssh-copy-id ~/.ssh/id_rsa.pub root@10.24.100.52:/root/.ssh/
会自动在目标机器上面创建一个 authorized_keys
然后里面会包含本地的pubkey 的信息:
vim centos02 : authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnxrJDOsPI0XoE7WxzbmGa/i2O1/LW0iVRe3Qe+1iot0NP7VosV28YyeXAZkmgjTQaMszztMdYfjr34gs1YcL0qG8eHLbOy6dJiWInxSms5r9kASKi155i6ovtza6vHbmgXZmwYBD1Wrmc+zRTuGU+e7N8QNvWCTOKFYweL1QSLLduN/ghBXpNiM0lq8xx0GiDCbZIO3bz/ArVstmrS9KlLDu0epIvxPz37jZ0gOG1SF610QECPQorqP68/mtWXS+5Iie/FTXaCnnhacxzW0MSIT5PfIT8nsL5seQrg6bjxny8j5Yq/6oIEhC4KrsoqpSmi3L9cLqWPwONN1qlJ0ip root@centos01
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC75IpZ/IlQzb54W21edAMYPn3VTyIacyi1XU2B51xVCDrM+zpRGrcVWlGBZafYpShjceVmC7uy4Jh5pcw+RMLUfM9KjZy+sQb8pRixKpoM3DU89SwC+6Yit+xOm2kISSs+xpTdxsAX9Ow3hLLo5uo3eppqlWkoEgyM0Uy9hhff2HQOAR5YJjuyLaem2nSpjgpWDliLQUIJ8IGFofjOvR/UGR4sgh3tMm83cuqmuSR2G3qbBXswfvzDeel3U/bgvna4sYqb3orPlfcjKd4z+OAj5KcMLxy6fuzQRQDkZPFuZEozpCRFDVEiqTum+lQOjN976mTp+ZhNjJzLQSQ+e6gv root@centos03
在centos02机器上面包含了centos01机器的公钥信息
那么centos01机器 远程centos02 时就可以不使用密码 直接登录了
相应的 如果想让centos02 远程登录centos01 的话 可以再centos02 机器上面执行相同的命令操作:
ssh-copy-id ~/.ssh/id_rsa.pub root@10.24.100.51:/root/.ssh/
这样两个机器就能够相互 使用证书进行ssh互信登录了.
----------------------------------
需要学习的很多,但是自己会的太少..
