[root@kvm8 ~]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: c3:e9:25:65:00:c8:65:cb:e8:fe:4e:7e:ce:06:a4:9d root@kvm8.deyu.wang The key's randomart image is: +--[ RSA 2048]----+ | . o+.. | | o+ . . | | . o o | | . .. + | | .+ .S . | | .. E. + | | . ... | | + .o | | .++o | +-----------------+
[root@kvm8 ~]# scp .ssh/id_rsa.pub kvm7.deyu.wang:.ssh/ The authenticity of host 'kvm7.deyu.wang (' can't be established. RSA key fingerprint is 33:76:31:62:25:dd:eb:a6:1f:5a:54:10:b8:25:c3:66. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'kvm7.deyu.wang,' (RSA) to the list of known hosts. root@kvm7.deyu.wang's password: id_rsa.pub 100% 401 0.4KB/s 00:00
[root@kvm8 ~]# ssh kvm7.deyu.wang root@kvm7.deyu.wang's password: Last login: Tue Feb 4 19:31:13 2014 from
[root@kvm7 ~]# cat .ssh/id_rsa.pub >> .ssh/authorized_keys
及檔案 authorized_keys
的權限,若群組或其他人的權限過大,除了安全性有問題外,也有可能因 ssh 判斷要對應的金鑰不安全,而無法對應,也就是不能免密碼登入。
[root@kvm7 ~]# chmod 700 .ssh/ [root@kvm7 ~]# chmod 644 .ssh/authorized_keys [root@kvm7 ~]# ll -d .ssh drwx------. 2 root root 4096 Feb 4 19:36 .ssh [root@kvm7 ~]# ll .ssh/authorized_keys -rw-r--r--. 1 root root 401 Feb 4 19:36 .ssh/authorized_keys
[root@kvm7 ~]# exit logout Connection to kvm7.deyu.wang closed.
[root@kvm8 ~]# ssh kvm7.deyu.wang Last login: Tue Feb 4 19:32:57 2014 from