管理員可以通過(guò)遠(yuǎn)程登陸的方式,對(duì)通過(guò)網(wǎng)相連的分散于各處的多臺(tái)主機(jī)進(jìn)行管理操作。

管理員可以對(duì)遠(yuǎn)程主機(jī)進(jìn)行如下操作:

遺憾的事情是:這些操作不安全!

使用純文本口令,并用明文發(fā)送

在日常操作練習(xí)時(shí),用ssh登錄其他主機(jī)時(shí),可能會(huì)每次都需要輸入登錄密碼,哪怕用scp復(fù)制東西也需要。

為了更方便快捷的切換主機(jī),ssh免密通信不失為更好的選擇;

用ssh-keygen生成密鑰,默認(rèn)保存在本地的/root/.ssh/id_rsa

然后在用ssh-copy-id分發(fā)至目標(biāo)主機(jī)之上;登錄用戶(hù)@主機(jī)名或IP地址

注意:

1.最好是用主機(jī)名,在/etc/hosts文件中寫(xiě)入主機(jī)名和對(duì)應(yīng)的IP地址;

2.免密通信需要雙方相互認(rèn)證,所以也需要在目標(biāo)主機(jī)對(duì)本機(jī)做一次相同的操作;

[root@www ~]# ssh-keygen -t rsa -P '' 
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
/root/.ssh/id_rsa already exists.
Overwrite (y/n)?
[root@www ~]#ssh-copy-id -i .ssh/id_rsa.pub root@172.16.75.1
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub"
The authenticity of host '172.16.75.1 (172.16.75.1)' can't be established.
ECDSA key fingerprint is SHA256:YXhbTS9MfK2IQC4gtOW4RL8voHvFqC1cAAMJXuF3Wec.
ECDSA key fingerprint is MD5:2c:c0:94:e8:3a:e4:74:88:c0:d8:e0:01:20:81:1d:8e.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@172.16.75.1's password: 
Number of key(s) added: 1
Now try logging into the machine, with:  "ssh 'root@172.16.75.1'"
and check to make sure that only the key(s) you wanted were added.
贊(4)
聲明:本網(wǎng)站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享網(wǎng)絡(luò)內(nèi)容為主,如果涉及侵權(quán)請(qǐng)盡快告知,我們將會(huì)在第一時(shí)間刪除。文章觀(guān)點(diǎn)不代表本網(wǎng)站立場(chǎng),如需處理請(qǐng)聯(lián)系客服。電話(huà):028-62778877-8306;郵箱:fanjiao@west.cn。本站原創(chuàng)內(nèi)容未經(jīng)允許不得轉(zhuǎn)載,或轉(zhuǎn)載時(shí)需注明出處:西部數(shù)碼知識(shí)庫(kù) » linux中ssh免密通信的實(shí)現(xiàn)

登錄

找回密碼

注冊(cè)