下面是用root使用者執行配置的,也可以切換到其他使用者去做這個配置,那麼跳轉的時候就 ssh [email protected]即可
1.生成各個主機自己的秘鑰檔案
主機a和主機b相同操作
[root@sfxbdb04 ~]# cd .ssh
[root@sfxbdb04 .ssh]# ls -lrt
total 12
-rw-r--r-- 1 root root 857 sep 13 14:26 authorized_keys
-rw-r--r-- 1 root root 4725 oct 29 16:29 known_hosts
[root@sfxbdb04 .ssh]# rm -f authorized_keys
[root@sfxbdb04 .ssh]# rm -f known_hosts
[root@sfxbdb04 .ssh]# ssh-keygen -t dsa ---有的是用rsa,一路回車即可
generating public/private dsa key pair.
enter file in which to save the key (/root/.ssh/id_dsa):
enter passphrase (empty for no passphrase):
enter same passphrase again:
your identification has been saved in /root/.ssh/id_dsa.
your public key has been saved in /root/.ssh/id_dsa.pub.
the key fingerprint is:
34:8a:16:02:25:dc:20:ae:ee:95:b1:32:99:e7:3b:6c [email protected]
total 8
-rw-r--r-- 1 root root 618 oct 30 16:55 id_dsa.pub
-rw------- 1 root root 668 oct 30 16:55 id_dsa
[root@sfxbdb04 .ssh]# cat id_dsa.pub >>authorized_keys
2.把主機a的authorized_keys傳到另一台主機b相同目錄
scp authorized_keys [email protected]:/root/.ssh
3.主機b将自身的秘鑰寫入authorized_keys
[root@sfxbdb04 .ssh]# ls -l
-rw-r--r-- 1 root root 1854 oct 30 16:59 authorized_keys
-rw------- 1 root root 668 oct 30 16:55 id_dsa
-rw-r--r-- 1 root root 618 oct 30 16:55 id_dsa.pub
cat id_dsa.pub >>authorized_keys
4.檢視
cat -n authorized_keys
5.再把這個傳回去給主機a就可以了。
scp authorized_keys [email protected]:/root/.ssh
6.跳轉測試(2台主機都能成功執行下面2個即成功)
ssh 192.168.1.13
ssh 192.168.1.14
記得第一次需要yes一下