sshd服务之免密码登录

1. 确保线上app1服务器上有pos用户 [root@app1-server ~]# id pos uid=504(pos) gid=504(pos) groups=504(pos) [root@app1-server ~]# echo 123|passwd --stdin pos 2. 跳板机上的开发人员code1~code3分别生成一对秘钥 [code1@jumper-server .ssh]$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/code1/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/code1/.ssh/id_rsa. Your public key has been saved in /home/code1/.ssh/id_rsa.pub. The key fingerprint is: 21:10:21:06:0b:d0:13:e9:52:7b:89:fc:82:cb:f4:ba code1@jumper-server The key's randomart image is: +--[ RSA 2048]----+ |=o+o+o | |.o=. . | |.+ + .. . | |. = o . . | | o o S | |... . | |o... | |.. . | | Eo | +-----------------+ [code1@jumper-server .ssh]$ ll total 12 -rw------- 1 code1 code1 1675 Aug 28 09:37 id_rsa 私钥 -rw-r--r-- 1 code1 code1 401 Aug 28 09:37 id_rsa.pub 公钥 -rw-r--r-- 1 code1 code1 390 Aug 26 11:27 known_hosts 3. 跳板机上的code1~code3人员将自己的公钥远程拷贝到线上app1的pos用户的加目录里（~/.ssh/xxx） [code1@jumper-server .ssh]$ ssh-copy-id -i pos@10.1.1.1 pos@10.1.1.1's password: Now try logging into the machine, with "ssh 'pos@10.1.1.1'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting. 或者 [code1@jumper-server .ssh]$ scp id_rsa.pub pos@10.1.1.1:/home/pos/.ssh/authorized_keys pos@10.1.1.1's password: id_rsa.pub 100% 401 0.4KB/s 00:00 [code1@jumper-server .ssh]$ 4. 测试验证 [code1@jumper-server ~]$ ssh pos@10.1.1.1 [pos@app1-server ~]$