1.用ssh-keygen -t rsa -P '' 生成rsa密钥对,生成后的文件在/root/.ssh/目录下保存,分别人id_rsa, id_rsa.pub

[root@HOSTNAME=master ~]# ssh-keygen -t rsa -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:oewrnAi9BB1rUvf196/Mb1EyJNnGDmjRaG8sGJRhQ6w root@HOSTNAME=master
The key's randomart image is:
+---[RSA 2048]----+
|       +*o.= +   |
|  o .  .=.= = =  |
| o + . o.* o *   |
|o +  .E...o = + .|
| =    o S  + . o.|
|. o  .        .. |
| o + ..        ..|
|  o +  .     o  o|
|     ..       ++.|
+----[SHA256]-----+
[root@HOSTNAME=master ~]# ls /root/.ssh/
id_rsa  id_rsa.pub

2.每台机器生成的公钥再进行合并,存到一个authorized_keys文件中,保存在/root/.ssh目录下

三台 机器的公钥如别如下,看机器后面的名字分master ,slave1,slave2

[root@HOSTNAME=master ~]# cat /root/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzadN4NG7LU3omZT2dhmmjr7kfQQsC98x0UoDFTr4gPJkVv0if6OCrsLBwO4Mbh7vLqx+AMZ/Z1dILtD/HmmsLPvTvLkdWszgVJ/VQ8YsJS/GFZ0Gy6kzHe1zdg+EcWYn1tZEGkxEinYgrvGdPSX9AalLZe0fO5DqXgSP0PQ7sLjq9qejYXQ1yPHXlTi6CLkwrTqWqY35eEKpeL3thu9Kirpo8rjYtzlRe6JnqP+53XT1MXjQjVPS4X6o/wQrcCwx+adJuBOIUzh5g5U1Ssvih2cUoEy0Yz+975eyAc/TdxlvfVSdvKUA1BpbEdpX1VP3oKpSTcHLki555zPZu8soJq+H5IwUr root@HOSTNAME=master
ssh-rsa AAAAB3NzadN4NG7LU3omZT2dhmmjr7kfQQsC98xlf3uhTlIDeDxY0gcxerwufiwcWMIxroHRQd/wOkr81Ymy6JtbHA0fqhygeIh9dKVupyQL7vBa8fex4tNdQoIkbOnR2Mcde6uTiQ1Eq2Kh1c1TW7KfH8xVMt8kNili1VF/vtHGg/H+nHK8zEg9VCaGtpQ5N50WTbnZEtjxqU4++n7tWbFYjEG2cMdsWST6jhGbP5KHuamq8qBq7Q4QTbrze2fDQPzrXpTcaNsTY47FXUPfDEmSxPAZiYGPwSgzv7IF1qy4wi8mTFOkCksdhYJkNXjIfsOiZcbfFaO8/OfDMPpvY93GOV+BnW3qLUvk41dojp3dNg5hXBST root@HOSTNAME=slave1
ssh-rsa AAAAB3NzadN4NG7LU3omZT2dhmmjr7kfQQsC98xOpl4k2WePB3LVYQkwLODucMtPgLJjh1R0DONA6r0yLlilRXZMR+RJWewhR1ksHorSh01DdgqRdnljpd7crXWcPXCQlmJvcT7Bw6URb7Do5uQPX+s7pJhn9samd0wKd+NCc4xDpUuAYoAggpi3kR5Dk/UTyTBnjb8dqGEf0ppppb0kxrbpLIZUyiekiPRN8KIYa8B0dwoGddYkMBtPGbkg00VKCNvUyWNBF1h1zEGEXnC0JQO8a/u9ZscOzmWi7eIs4Q4rvgyw82Iffn+fpLBRKbz1gtBwO06EjBzkbjHbt2ZKw18+INZp/Xhq5k648CseW7PWvemPDev+Y6ptaTD9 root@HOSTNAME=slave2

把这个合并后的文件authorized_keys 拷贝到其它两台机器上

用scp直接拷贝 , 会提示让你输入农牧民码。

[root@HOSTNAME=master ~]# scp -r /root/.ssh/authorized_keys root@slave2:/root/.ssh
The authenticity of host 'slave2 (192.168.159.138)' can't be established.
ECDSA key fingerprint is SHA256:gRzwbnTW5wD+Cl6FHgWKO040Bw5p3jQHdX6/0Foo/rk.
ECDSA key fingerprint is MD5:4e:62:74:d8:6c:ad:db:51:86:9a:3b:39:b7:59:5a:ff.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'slave2,192.168.159.138' (ECDSA) to the list of known hosts.
root@slave2's password: 
authorized_keys                                          100% 1200     1.1MB/s   00:00

3.ecssa

ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJhcQ7yINwfjEcWxl+QnzzVF/JV9EwJ8cesRdGINGQQvCfPuHD/Nym/IAflLbugMMQ322tMLimwK2kvyzpgS4Ug= root@HOSTNAME=master
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKJ4VowYfdoZslhP5eDPz2G1wl00rRSy+3gBl5GEOlwTn6cCHl41fl1KSPASvgy/0capsNrgEvRAQaYBeDZ8RbE= root@HOSTNAME=slave1
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBM8NrcUyaxipPsxUk6BXStNHlI2mLoeUI+3vrS0c/4Qg8r10+xps0hB8D1vcXzF+x0ydXHIF1ST5ADYKAFSFxpk= root@HOSTNAME=slave2

4,更改ecdsa为rsa

看一下这两台 VPS 的 /etc/ssh/sshd_config,里面指定了 HostKey,是不是第二台里面没有 ecdsa,

注意是sshd_config ,不是ssh_config

5.发现还是登陆不了, 重新来,可能是authoriz_key不能有空行。

6.重新设置过程过下,先删除/root/.ssh目录下的所有文件。

参考:https://www.cnblogs.com/shuochen/p/10441455.html

1. ssh-keygen -t rsa 各台机子分别分行,生成密钥对,三次回车就行
2. master机上上执行cat id_rsa.pub>>authorized_keys
3.在其它机子上执行
[root@HOSTNAME=slave1 ~]# ssh-copy-id -i master , 把salve1的公钥复制到master上
[root@HOSTNAME=slave2 ~]# ssh-copy-id -i master , 把salve2的公钥复制到master上
4.这个时候master上的authorized_keys文件上已经有了其它两机的公铺。 
5.设置权限 600, 可读写 [root@HOSTNAME=master .ssh]# chmod 600 authorized_keys 
6.查看权限 ls,authorized_keys前面是rw 表示可读写
[root@HOSTNAME=master .ssh]# ls -al
total 20
drwx------  2 root root   80 Nov 14 21:32 .
dr-xr-x---. 7 root root 4096 Nov 13 16:49 ..
-rw-------  1 root root 1206 Nov 14 21:29 authorized_keys
-rw-------  1 root root 1679 Nov 14 21:26 id_rsa
-rw-r--r--  1 root root  402 Nov 14 21:26 id_rsa.pub
-rw-r--r--  1 root root  588 Nov 14 21:32 known_hosts
6.拷贝到其它机器上 
[root@HOSTNAME=master .ssh]# scp authorized_keys  slave2:/root/.ssh/
[root@HOSTNAME=master .ssh]# scp authorized_keys  slave1:/root/.ssh/
7.测试 都可以无密登陆
[root@HOSTNAME=master .ssh]# ssh slave1
Last login: Sat Nov 14 21:33:27 2020 from master
[root@HOSTNAME=slave1 ~]# exit
logout
Connection to slave1 closed.
[root@HOSTNAME=master .ssh]# ssh slave2
Last login: Sat Nov 14 21:33:36 2020 from master

本文由 hcb 创作,采用 知识共享署名 3.0,可自由转载、引用,但需署名作者且注明文章出处。

还不快抢沙发

添加新评论