需求:在部署文件时候,拷贝部署文件到另外一台服务器上,通过scp拷贝实现拷贝过程中免密传输!
环境:
主机:A (192.168.1.200)
主机:B(192.168.1.201)
第一步:生成密钥对
1:使用ssh-kengen命令加上-t 指定算法rsa ,生成密钥对 (192.168.1.200)
[root@A ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
a6:08:32:2e:1d:a6:85:bb:7e:64:dd:92:f7:60:b2:67 root@ghs
The key’s randomart image is:
+–[ RSA 2048]—-+
| |
| |
| |
| . |
|+ = . o S |
|.O = * B |
|+.+ . B o |
|.. . . E . |
|o.. o |
##显示上面信息表示在/root/.ssh目录下生成两个文件id_rsa.pub公钥,id_rsa私钥文件
第二步:将公钥传到另外一台服务器上的/root/.ssh/authorized_keys文件里,如果没有这个authorized_keys文件名,创建相同的就行了。
1:拷贝公钥的信息(192.168.1.200)
[root@A .ssh]# cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDD6m8RcTU63BinrZLqDqKbca9V9c6Q+GhCQZ5bZYaW/l+ebSS+d2zSi8heI7VEYc/aimKr72hZRrVwGZrCnS61qd2zBU6b9PQrezbHtPEN/+LUFcdlMePAbeJ8ZAT2euPfS4NsFMzMJ6ZbCQK7nWuZlucL/Ze6hmuUa2bDpnyaIUiiPrCk+NIu2SzKjVM3BJQawaQ0S0MFqiKx0asdQOwHE2HxlsadadsadaGWKSgJabBg9jBXS+C1Klh4sXT+h70+gj4oojznPbAlILIdSt7uKfIMcNvABCVMPZVsmE/1md2a23Mc9omWBChOf6rCQM8xZyomonmPfiJtx1mPO5ntRO2Cr root@izbp1b4ym5wc0mvr9m4go8z
2:写入authorized_keys文件里保存即可(192.168.1.201)
[root@B .ssh]# vim authorized_keys
##—-A host
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDD6m8RcTU63BinrZLqDqKbca9V9c6Q+GhCQZ5bZYaW/l+ebSS+d2zSi8heI7VEYc/aimKr72hZRrVwGZrCnS61qd2zBU6b9PQrezbHtPEN/+LUFcdlMePbeJ8ZT2euPf4NsFMzMJ6ZbCQK7nWuZlucL/Ze6hmuUa2bDpnyaIUiiPrCk+NIu2zKjVM3BJQaQ00MFqiKx0QOwOzszfnjzvceTGsadWKSgJabBg9jBXS+C1Klh4sXT+h70+gj4oojznPbAlILIdSt7uKfIMcNvABCVMPZVsmE/1md2a23Mc9omWBChOf6rCQM8xZyomonmPfiJtx1mPO5ntRO2Cr root@izbp1b4ym5wc0mvr9m4go8z
第三步:测试
1:在A主机上使用ssh B主机测试(192.168.1.200)
[root@A ~]# ssh root@192.168.1.201
The authenticity of host ‘192.168.1.201 ‘ ‘(192.168.1.201)’ can’t be established.
ECDSA key fingerprint is 75:64:11:86:57:67:76:ef:3c:55:74:52:6b:15:49:3b.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/root/.ssh/known_hosts).
Last login: Mon Nov 20 10:47:29 2017 from 113.88.98.180
Welcome to Alibaba Cloud Elastic Compute Service !
[root@B ~]#
## Are you sure you want to continue connecting (yes/no)? 这里输入YES即可,显示[root@B ~]#表示实验成功