[root@master .ssh]# ssh-keygen -t rsa
# 执行上面的命令直接敲3-4次回车。
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
aa:75:3d:49:f1:8b:63:80:24:77:1a:ad:e8:11:ae:db root@master
The key's randomart image is:
+--[ RSA 2048]----+
| |
| . |
| o + o . |
| . * * o |
| + + S . . |
| o . . + o . |
| . . o . B . |
| o o . . o |
| . E |
+-----------------+
[root@master .ssh]# ssh-copy-id master
The authenticity of host 'master (192.168.181.200)' can't be established.
RSA key fingerprint is 04:f2:c1:15:40:e3:dd:25:77:5d:8a:62:c1:9b:3c:dc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'master,192.168.181.200' (RSA) to the list of known hosts.
root@master's password:
Now try logging into the machine, with "ssh 'master'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@master .ssh]# ssh master
Last login: Fri Dec 21 08:45:54 2018 from master
# 当然完整的登陆命令是这样的。
[root@master ~]# ssh root@master
Last login: Fri Dec 21 08:46:18 2018 from master
最近在搭建ambari平台,出现很多问题,以为是获取不到登陆主机的权限 ,所以讲 .ssh 文件夹的权限修改成了 777 , 最后修改为 700,再执行上面的操作,完美实现免密码登陆。
最后要说明的是 .ssh 目录的权限只能是 700 | 755 , 绝对不能是 777.
sshd为了安全,对属主的目录和文件权限有所要求。如果权限不对,则ssh的免密码登陆不生效。
用户目录权限为 755 或者 700,就是不能是77x。
.ssh目录权限一般为755或者700。
rsa_id.pub 及authorized_keys权限一般为644
rsa_id权限必须为600
手机扫一扫
移动阅读更方便
你可能感兴趣的文章