ssh创建秘钥对

1. 使用ssh-keygen 生成秘钥对

[root@6zix89b87qmvuv ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 按回车键或设置密钥的存储路径
Enter passphrase (empty for no passphrase): 按回车键或设置密钥的存储路径
Enter same passphrase again: 再次按回车键或设置密钥的密码
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:nY1RwH7UrxNwLDtw8+GzbVpSxvCUSzROP34TILYaVcs root@6zix89b87qmvuv
The key’s randomart image is:
±–[RSA 2048]----+
| …=o=.+.|
| =.X @o+|
| o.= E.@o|
| .+=+ *.O|
| S.+… @.|
| = *|
| * |
| . |
| |
±—[SHA256]-----+

2. 公钥私钥的默认位置在$HOME/.ssh

[root@6zix89b87qmvuv ~]# cd $HOME/.ssh
[root@6zix89b87qmvuv .ssh]# ll
total 20
-rw------- 1 root root 401 Jan 28 09:45 authorized_keys
-rw-r–r-- 1 root root 25 Mar 15 16:00 config
-rw------- 1 root root 1831 Mar 15 16:14 id_rsa
-rw-r–r-- 1 root root 401 Mar 15 16:14 id_rsa.pub
-rw-r–r-- 1 root root 517 Mar 15 16:06 known_hosts

3. 将公钥发送至远程主机（172.31.0.12）

[root@6zix89b87qmvuv .ssh]# ssh-copy-id 172.31.0.12 （不必再公钥目录下）
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
root@172.31.0.12’s password: 输入远程主机的密码

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘172.31.0.12’”
and check to make sure that only the key(s) you wanted were added.

4. 测试连接一下

[root@6zix89b87qmvuv .ssh]# ssh 172.31.0.12 默认使用root账号
Last login: Wed Mar 15 16:06:54 2023 from 172.31.0.4
[root@qn6t6bx1p0xo1o ~]# hostname -I 查看现在的ip
172.31.0.12 172.17.0.1 172.18.0.1