本教程以root用戶演示
1.進入該用戶根目錄
cd ~
2.創建密鑰
[root@slave1 ~]# ssh-keygen
Generating public/private rsa key pair.
#該命令提示的意思是:讓我們定義私鑰的存放路徑,默認存在的路徑是在/root/.ssh/id_rsa的下面
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
#該命令提示的意思是:定義私鑰的密碼,一般爲了免密默認的留空,直接的回車
Enter passphrase (empty for no passphrase):
該命令提示的意思是:確認密碼設置
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:QuZWoxNQTWlFd5/wHmGiO/aQJH97sExwWO8gOzT38WI root@slave1
The key's randomart image is:
+---[RSA 2048]----+
| ...o.+o .+.o |
| . + .+.*.o|
| +.o. O + *.|
| + + .= X = +|
| * S X +E+.|
| . o . O.+. |
| = . |
| . |
| |
+----[SHA256]-----+
[root@slave1 ~]#
3.SSDH默認公鑰文件爲authorized_keys,可在配置中修改,此處使用默認配置。 創建authorized_keys,將公鑰寫入該文件並且授權。
[swack@localhost ~]$ touch .ssh/authorized_keys
[swack@localhost ~]$ cat /home/swack/.ssh/id_rsa.pub >> /home/swack/.ssh/authorized_keys
4.修改SSHD配置
vim /etc/ssh/sshd_config
修改以下參數
禁止密碼登錄
PasswordAuthentication no
啓用密鑰登錄
PubkeyAuthentication yes
5.重啓SSHD
systemctl reload sshd