本文详细介绍如何在两台机器之间配置SSH免密登录。通过生成公钥和私钥,并将公钥添加到目标机器的authorized_keys文件中,实现从左机器到右机器的安全、便捷登录。文章还提供了权限设置建议及常见问题排查方法。
ou want to connect from machine "left" to machine "right".
Log into left:
mkdir ~/.ssh
cd ~/.ssh
ssh-keygen -b 1024 -t rsa1 -C "you@yourdomain.com" -N ""
ssh-keygen -b 1024 -t rsa -C "you@yourdomain.com" -N ""
ssh-keygen -b 1024 -t dsa -C "you@yourdomain.com" -N ""
This creates six files in your ~/.ssh directory:
identity
identity.pub
id_rsa
id_rsa.pub
id_dsa
id_dsa.pub
Log into right:
mkdir ~/.ssh
cd ~/.ssh
On right, create a file called "authorized_keys" (in the ~/.ssh directory). Paste the contents of the three .pub files created earlier into this file (you will have to work out for yourself the best way to do this).
Now test it out. On left:
ssh username@right
It should let you in without a password. If it does not, the first thing to check is your file permissions. The ~/.ssh directories on both sides should not be writable by anyone but the owner. The .pub files should be readable by everyone, but the other key files should only be readable by their owner. The permissions should be set correctly by ssh-keygen, but you never know. There are a lot of things that can go wrong here; troubleshooting is complicated and well beyond the scope of these instructions.
Log into left:
mkdir ~/.ssh
cd ~/.ssh
ssh-keygen -b 1024 -t rsa1 -C "you@yourdomain.com" -N ""
ssh-keygen -b 1024 -t rsa -C "you@yourdomain.com" -N ""
ssh-keygen -b 1024 -t dsa -C "you@yourdomain.com" -N ""
This creates six files in your ~/.ssh directory:
identity
identity.pub
id_rsa
id_rsa.pub
id_dsa
id_dsa.pub
Log into right:
mkdir ~/.ssh
cd ~/.ssh
On right, create a file called "authorized_keys" (in the ~/.ssh directory). Paste the contents of the three .pub files created earlier into this file (you will have to work out for yourself the best way to do this).
Now test it out. On left:
ssh username@right
It should let you in without a password. If it does not, the first thing to check is your file permissions. The ~/.ssh directories on both sides should not be writable by anyone but the owner. The .pub files should be readable by everyone, but the other key files should only be readable by their owner. The permissions should be set correctly by ssh-keygen, but you never know. There are a lot of things that can go wrong here; troubleshooting is complicated and well beyond the scope of these instructions.
扫一扫
632
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
