CentOs7做SSH免密登录

环境准备

1. 访问阿里镜像中心下载所需的版本：mirrors.aliyun.com/centos/7/is…

2. 设置virtualBox全局NAT网络，以便两台虚拟机可互通及防止ip重复

3. 新建虚拟机并进行设置

3.1 新建

3.2 设置处理器，最少为2个，选择1个安装好后会启动不起来

3.3 设置显示器，选择VboxSVGA

3.4 配置网络，选择NAT网络，并选择第二步所新建的NAT网路

3.5 配置存储，光盘加载第一步下载的镜像

3.6 点击启动进行安装，进入安装界面后，配置网络，开启IPV4

3.7 点击开始安装，配置root密码，等待安装完成

4. 安装完成后，关闭虚拟机，然后点击复制，复制一台新的虚拟机，复制选项中，MAC地址设定中选择重新分配MAC地址

5. 分别启动两天虚拟机，输入root账户和密码，然后输入命令ip addr查看ip地址，至此我们得到两台虚拟机

|名称|ip| | ----| | ----| |A|10.0.2.4| |B|10.0.2.15|

单向免密登录

目标：A机器可免密登录到B机器

1. 打开A虚拟机，然后执行如下命令生成rsa的公钥和私钥，一路默认即可

[root@youxi1 ~]# ssh-keygen -t rsa　　//默认指定的是rsa，所以可以没有-t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:ia+le9ZX3cAxztmIINJbWnEGrK9lq4lY4pYNevgqecM root@youxi1
The key's randomart image is:
+---[RSA 2048]----+
|       . .ooo    |
|      . o =o  o  |
|       . B . = * |
|       .+.  . B .|
|      . S.     o.|
|    .  .  +   . o|
| o o.+. o= . .   |
|o E.++.=+.o .    |
| o.*+ =+o. .     |
+----[SHA256]-----+

2. 使用ssh-copy-id命令将生成id_rsa.pub复制到B机器对应的目录下，并自动进行配置

ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.0.2.15
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub"
The authenticity of host '[192.168.1.7]:2891 ([192.168.1.7]:2891)' can't be established.
ECDSA key fingerprint is SHA256:j3ee8eoTo2XEv0QxCYmxphMipcNRxC+IONPmt1HwRLg.
ECDSA key fingerprint is MD5:25:e2:b4:08:f2:79:7d:6e:42:84:b5:78:3d:6a:81:20.
Are you sure you want to continue connecting (yes/no)? yes　　//yes继续
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.1.7's password: 　　//输入192.168.1.7服务器上的root用户的密码
 
Number of key(s) added: 1
 
Now try logging into the machine, with:   "ssh -p '2891' 'root@192.168.1.7'"
and check to make sure that only the key(s) you wanted were added.

3. 使用ssh命令进行测试

ssh root@10.0.2.15