Linux之ssh-copy-id免密登入

1.定義

NAME

       ssh-copy-id - install your public key in a remote machine’s authorized_keys

SYNOPSIS

       ssh-copy-id [-i [identity_file]] [user@]machine

DESCRIPTION

       ssh-copy-id  is  a  script that uses ssh to log into a remote machine (presumably using a login password, so password authentication should be enabled, unless you’ve done some clever

       use of multiple identities) It also changes the permissions of the remote user’s home, ~/.ssh, and ~/.ssh/authorized_keys to remove group writability (which would  otherwise  prevent

       you  from logging in, if the remote sshd has StrictModes set in its configuration).  If the -i option is given then the identity file (defaults to ~/.ssh/id_rsa.pub) is used, regard-

       less of whether there are any keys in your ssh-agent.  Otherwise, if this:       ssh-add -L provides any output, it uses that in preference to the identity file.  If the -i option is

       used,  or  the  ssh-add  produced  no  output, then it uses the contents of the identity file.  Once it has one or more fingerprints (by whatever means) it uses ssh to append them to

       ~/.ssh/authorized_keys on the remote machine (creating the file, and directory, if necessary)

2.舉個例子

[root@oracle ~]# ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

25:f8:3c:45:12:da:1c:f1:5d:a2:6a:15:85:b3:45:cb root@oracle

The key's randomart image is:

+--[ RSA 2048]----+

|        =oo++ .  |

|       = =o=.+   |

|      o + *+E    |

|       o *.      |

|        S        |

|       . .       |

|                 |

|                 |

|                 |

+-----------------+

[root@oracle ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.8.221

The authenticity of host '192.168.8.221 (192.168.8.221)' can't be established.

RSA key fingerprint is 83:0a:18:0e:24:5c:60:6c:e7:25:92:0f:39:9c:04:63.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.8.221' (RSA) to the list of known hosts.

root@192.168.8.221's password:

Now try logging into the machine, with "ssh 'root@192.168.8.221'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

[root@oracle ~]# ssh 'root@192.168.8.221'

Last login: Fri Mar  3 08:47:01 2017 from 192.168.8.207

[root@oracle12c ~]# ifconfig eth0

eth0      Link encap:Ethernet  HWaddr 08:00:27:44:E8:19 

          inet addr:192.168.8.221  Bcast:192.168.8.255  Mask:255.255.255.0

          inet6 addr: fe80::a00:27ff:fe44:e819/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:9473 errors:0 dropped:0 overruns:0 frame:0

          TX packets:672 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:714647 (697.8 KiB)  TX bytes:86101 (84.0 KiB)