详解SSH如何配置key免密码登录

如何使用

直接指定ip然后-i 指定key文件，然后指定用户

ssh 1.1.1.1 -i Test1 -l userxxx

不指定用户实际上就是使用当前的本机登陆的用户名去登陆远端主机，比如本地用户是AAA，那么：

ssh 1.1.1.1 -i Test1

等同于

ssh 1.1.1.1 -i Test1 -l AAA

这里要注意，生成的key是和一对用户绑定的，生成key的用户以及存储这个key的公钥的远端主机的用户。ssh的原理就是，公钥给人家，自己留秘钥，远端主机的其他用户也是无法看到这个指定的用户的接受到的公钥的，所以用户是一对一的。

比如我在test-server 下面的azuo1228生成key，然后拷贝到远端主机dest-server去使用，那么放在远端主机的哪个 用户home目录下面，对应的远端主机的这个用户才可以被无密码登陆，并不等于对远端主机的其他用户也能免密码登陆。

开始操作

1.生成key：

[azuo1228@test-server ~]$ ssh-keygen

这里一直敲回车就好

Generating public/private rsa key pair.Enter file in which to save the key (/home/azuo1228/.ssh/id_rsa):Created directory '/home/azuo1228/.ssh'.Enter passphrase (empty for no passphrase):Enter same passphrase again:Your identification has been saved in /home/azuo1228/.ssh/id_rsa.Your public key has been saved in /home/azuo1228/.ssh/id_rsa.pub.The key fingerprint is:d2:33:66:86:0a:b4:27:a9:86:92:24:ff:13:63:96:15 azuo1228@test-serverThe key's randomart image is:+--[ RSA 2048]----+|   || E  || . .  || . o .o  ||..= .oo S ||++ +*. = o ||=..o.o  ||o ..  || ..  |+-----------------+[azuo1228@test-server ~]$ cd .ssh/[azuo1228@test-server .ssh]$ dirid_rsa id_rsa.pub

查看生产结果

[azuo1228@test-server .ssh]$ lltotal 8-rw------- 1 azuo1228 administrator 1675 Dec 21 18:11 id_rsa-rw------- 1 azuo1228 administrator 403 Dec 21 18:11 id_rsa.pub[azuo1228@test-server .ssh]$ cat id_rsa.pubssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxp1CLe+v3L9OjlJCoBBMtQP5p2zQSACJuCD8rPRT2KQmLFznJo9ehTJQp3UfbSzAo3muudiJ9hvyL8f8hN05voXzBSyrul3v39iiqyPJGFbZhtlIsvVuHNEOVaa+StP/WVcH3nT50Y2TsIx0ikXUOVaaawHKUV3wBHlyLLANMAG8yOy4NIzCj++TO4n+66uyrgVvUfmZ02ALGGL0gUIV97tlhdwVQLG+2mJwSU0E3fksMVlhKxQrpaOx1OtObF0Xo4CmuuXAowtm/uW50gHRVYMA7N/VNgbWaa4hbypCV5m6UqF6P8bHp1Kgz0qm/U0ro1jFzNv1+fin2ZdwV1Ytr azuo1228@test-server

2.拷贝到远端主机指定用户的home下面

可以看到这次还是要输密码的

[azuo1228@test-server .ssh]$ scp id_rsa.pub azuo1228@10.148.167.106:/home/azuo1228Access and Authorization to this server is controlled by Active Directory. Please login with your admin account.azuo1228@10.148.167.106's password:id_rsa.pub 100% 403 0.4KB/s 00:00

在此测试登录 -- 需要密码，还没免密码

[azuo1228@test-server .ssh]$ ssh azuo1228@10.148.167.106Access and Authorization to this server is controlled by Active Directory. Please login with your admin account.azuo1228@10.148.167.106's password:Last login: Wed Dec 21 18:07:21 2016 from shang1lu4gnl.ads.autodesk.comAuthorized uses only. All activity may be monitored and reported.[azuo1228@dest-server ~]$