SSH是Secure SHell protocol的縮寫,它可以透過加密的技術,將等待傳送的封包加密後再進行傳輸。因此,在資料傳輸上當然就比較安全。但是每次連線都要輸入密碼相當麻煩。
以下將介紹透過ssh-keygen來建立免輸入密碼的機制
1)在source端利用ssh-keygen指令產生public/private
key
[root@source ~]$ ssh-keygen [–t
rsa / dsa]
#建立rsa的public key和private
keey
[root@source ~]$ ssh-keygen –t
rsa
Generating public/private rsa key
pair.
Enter file in which to save the
key (/root/.ssh/id_rsa): [按enter即可]
Enter passphrase (empty for no
passphrase): [按enter即可]
Enter same passphrase again: [按enter即可]
Your identification has been
saved in /root/.ssh/id_rsa.
Your public key has been saved in
/root/.ssh/id_rsa.pub. [預設存放位置]
[root@source ~]$ cd .ssh
[root@source ~/.ssh]$ ls
authorized_keys id_rsa
id_rsa.pub known_hosts
2)將public
key(id_rsa.pub)傳送到target端
[root@source ~/.ssh]$ scp id_rsa.pub
[target ip]:/root/.ssh
[root@source ~/.ssh]$ scp id_rsa.pub
74.125.31.94:/root/.ssh
3)將source端的public key(id_rsa.pub)放到authorized_keys,如此一來就可以直接從source端ssh到target端而不用輸入密碼了
[root@target ~]$ cd .ssh
[root@target ~/.ssh]$ ls
authorized_keys id_rsa.pub known_hosts
[root@target ~/.ssh]$ cat
id_rsa.pub >> authorized_keys
[root@source ~]$ ssh 74.125.31.94
[root@target ~]$
