SSH KEY免密码验证

For mac os install ssh-copy-id:

brew install ssh-copy-id

For Linux install ssh-copy-id 

yum install openssh*

STEP:

1: 生成SSH公钥

[root@redhat ~]# ssh-keygen -t dsa

Generating public/private dsa key pair.

Enter file in which to save the key (/root/.ssh/id_dsa): 

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in /root/.ssh/id_dsa.

Your public key has been saved in /root/.ssh/id_dsa.pub.

The key fingerprint is:

6e:20:94:d5:e1:cc:42:9f:37:de:ce:bb:d9:e4:f6:6d root@redhat.com

在当前家目录会生成隐藏目录.ssh和dsa文件

[root@redhat .ssh]# ls -la

total 24

drwx------ 2 root root 4096 Jul  8 06:17 .

drwxr-x--- 4 root root 4096 Jul  8 06:10 ..

-rw------- 1 root root  622 Jul  8 06:10 authorized_keys

-rw------- 1 root root  668 Jul  8 06:17 id_dsa

-rw-r--r-- 1 root root  605 Jul  8 06:17 id_dsa.pub

2：copy 公钥到需要免密码登录的服务器

[root@redhat .ssh]# ssh-copy-id -i id_dsa.pub root@172.16.1.11

10

The authenticity of host '172.16.1.11 (172.16.1.11)' can't be established.

RSA key fingerprint is 31:e6:9a:7a:02:a4:60:eb:b8:44:d0:30:80:1c:76:7d.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '172.16.1.11' (RSA) to the list of known hosts.

root@172.16.1.11's password: 

Now try logging into the machine, with "ssh 'root@172.16.1.11'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

3: 实现免密码登录

[root@redhat .ssh]# ssh root@172.16.1.11

Last login: Fri Jul  8 02:00:40 2016 from 172.16.1.1

[root@centos ~]#