在 linux 系统管理中,设置免密码登录,进行机器的批量管理是最常用的一个方法。比如针对几十甚至上百台线上机器,通常我们会设置一台“发布机”作为中央控制机对其它线上机器免密码登录,然后进行软件、配置文件的分发、更新、部署。当然了,针对上面的问题,解决方案并非最优且唯一,比如你也可以用 expect 模拟自动输入来完成自动登录验证这一过程,或者用现在一些开源的软件自动化配置和部署工具,比如 Puppet,但这都不在本文的讨论范畴,今天咱们要说的就是这种最原始、最有效、最直接的方式:免密码登录。
环境:主机A godben 192.168.1.26
主机B godben2 192.168.1.30
在主机A上操作:
[root@godben ~]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): (忽略:直接回车即可) Enter same passphrase again: (忽略:直接回车即可) Your identification has been saved in /home/miao/.ssh/id_rsa. Your public key has been saved in /home/miao/.ssh/id_rsa.pub.
[root@godben ~]# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.1.30 Password:Now try logging into the machine, with "ssh ‘root@192.168.1.30‘", and check in: .ssh/authorized_keys to make sure we haven‘t added extra keys that you weren‘t expecting.
在主机B上操作:
[root@godben ~]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): (忽略:直接回车即可) Enter same passphrase again: (忽略:直接回车即可) Your identification has been saved in /home/miao/.ssh/id_rsa. Your public key has been saved in /home/miao/.ssh/id_rsa.pub.
[root@godben ~]# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.1.26 Password:Now try logging into the machine, with "ssh ‘root@192.168.1.26‘", and check in: .ssh/authorized_keys to make sure we haven‘t added extra keys that you weren‘t expecting.
测试:
在主机A上操作:ssh -l root 192.168.1.30
在主机B上操作:ssh -l root 192.168.1.26
本文出自 “godben” 博客,请务必保留此出处http://godben.blog.51cto.com/8919725/1696308
原文地址:http://godben.blog.51cto.com/8919725/1696308
