利用ssh-copy-id实现SSH无密码登录

5645re

第一步: 产生公钥与私钥对：

1	[iyunv@local-host]# ssh-keygen -t rsa

按照提示输入完后，会在~/.ssh目录下生成id_rsa和id_rsa.pub这两个文件

第二步:用ssh-copy-id将公钥复制到远程机器中

ssh-copy-id 将本机的公钥复制到远程机器的authorized_keys文件中，ssh-copy-id也会给远程主机的用户主目录(home)和 ~./ssh  和 ~/.ssh/authorized_keys设置合适的权利。

语法：

1	ssh-copy-id [-i [identity_file]] [user@]machine

选项：

1

-i:指定公钥文件

实例：

把本地的ssh公钥文件安装到远程主机对应的账户下：

1 2 3 4 5 6 7 8

[iyunv@local-host]# ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host     root@remote-host's password:      #输入远程主机的用户密码     Now try logging into the machine, with "ssh 'remote-host'", and check in:       .ssh/authorized_keys     to make sure we haven't added extra keys that you weren't expecting.

第三步: 登录到远程机器不用输入密码

1 2	[iyunv@local-host]# ssh remote-host Last login: Mon Sep 11 18:30:00 2017 from remote-host

常见问题：

1 2	[iyunv@local-host]# ssh-copy-id -u demo -i ~demo/.ssh/id_rsa.pub demo@remote_host /usr/bin/ssh-copy-id: ERROR: No identities found

上述是给demo用户赋予无密码登陆的权利

使用选项 -i ，当没有值传递的时候或者 如果 ~/.ssh/identity.pub 文件不可访问（不存在）, ssh-copy-id 将显示上述的错误信息  （ -i选项会优先使用将ssh-add -L的内容）

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38

[iyunv@local-host]# ssh-agent $SHELL [iyunv@local-host]# ssh-add -L The agent has no identities. [iyunv@local-host]# ssh-add Identity added: /home/demo/.ssh/id_rsa (/home/demo/.ssh/id_rsa) [iyunv@local-host]# ssh-add -L ssh-rsa AAAAB3NUaC1TR2SJKAABIwAAAQEAsJIEILuftj8aSxMa3k8t6JvM79DpBV aHreqPShTYp7kISDMUNzUpnyxsHpH1tQ/Ow== /home/demo/.ssh/id_rsa [iyunv@local-host]# ssh-copy-id -i remote-host demo@remote-host's password: Now try logging into the machine, with "ssh 'remote-host'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting. [Note: This has added the key displayed by ssh-add -L]