假設從A主機ssh登入B主機,用秘鑰代替密碼,步驟如下:
1、在A主機上執行:ssh-keygen -t rsa
一切預設,不用輸入密碼,生成兩個檔案:
/root/.ssh/id_rsa
/root/.ssh/id_rsa.pub
2、生成authorized_keys檔案:
touch /root/.ssh/authorized_keys
cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
chmod 700 /root/.ssh/id_rsa
3、把authorized_keys檔案複製到B主機上:
scp /root/.ssh/authorized_keys root@xx.xx.xx.xx:/root/.ssh/
如果B主機上沒有/root/.ssh目錄,則先登入到B主機上執行ssh-keygen -t rsa,再複製authorized_keys檔案。
4、完成
5、如果以後某個主機的IP發生了調整,SSH時出現如下錯誤,按照前面的操作重新執行一遍即可。
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
a0:70:17:12:e3:3c:ed:ae:1c:2b:b7:2a:10:c7:bf:8f.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:8
ECDSA host key for 10.2.169.48 has changed and you have requested strict checking.
Host key verification failed.