Centos7 免密码登录

原理

1. 首先在 serverA 上生成一对秘钥（ssh-keygen）
2. 将公钥拷贝到 serverB，重命名 authorized_keys
3. serverA 向 serverB 发送一个连接请求，信息包括用户名、ip
4. serverB 接到请求，会从 authorized_keys 中查找，是否有相同的用户名、ip，如果有 serverB 会随机生成一个字符串
5. 然后使用使用公钥进行加密，再发送个 serverA
6. serverA 接到 serverB 发来的信息后，会使用私钥进行解密，然后将解密后的字符串发送给 serverB
7. serverB 接到 serverA 发来的信息后，会给先前生成的字符串进行比对，如果一直，则允许免密登录

启动ssh服务

# 查看 ssh 状态
systemctl status sshd
# 启动 ssh
systemctl start sshd
# 停止 ssh
systemctl stop sshd

serverA生成秘钥

[root@localhost .ssh]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/appdeployment/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/appdeployment/.ssh/id_rsa.
Your public key has been saved in /home/appdeployment/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:f/BaN7YYLQWgxPB3v9HxdJfWrG7E32gUBCAvWsBSJNk root@localhost
The key's randomart image is:
+---[RSA 2048]----+
|    .*=oo o....  |
|    o.E+.+ . . .o|
|     .  = o o .+*|
|       o o . +.==|
|      . S .   O o|
|         . o * =.|
|          . * @ o|
|           + O o |
|          . . .  |
+----[SHA256]-----+
[root@localhost .ssh]$

移动id_rsa.pub文件到serverB

下载serverA id_rsa.pub到本地

cd ~/.ssh/
sz id_rsa.pub

公钥导入到serverB

# 进入.ssh目录
cd ~/.ssh/
# 上传id_rsa.pub
rz
# 然后在 serverB 运行以下命令来将公钥导入到~/.ssh/authorized_keys这个文件中
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
# 设置 .ssh目录 权限设置为700
chmod 700 ~/.ssh
# 设置 authorized_keys的权限设置为600
chmod 600 ~/.ssh/authorized_keys

这是linux的安全要求，如果权限不对，自动登录将不会生效

验证

ssh 192.168.1.10