生成ssh key 并将公钥部署到目标服务器
做自动化部署或者方便ssh访问远程服务器时,需要将本机生成的ssh 公钥部署到目标服务器。通过ssh登录管理远程服务器,或者通过scp等命令管理目标服务器文件
本机生成ssh key
[root@liwei-centos ~]# ssh-keygen -t rsa -b 2048 -C "xxxx@gmail.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:VH5M34VoMKHwKIKMrrMzBADDwjG8cd0rdduXGoeq9r xxxx@gmail.com
The key's randomart image is:
+---[RSA 2048]----+
|Bo. . o =o.. ..|
|=B.. . = + +o....|
|=.= . + = ..o . .|
|o. . * + . |
|.. . = S |
|.. . E |
|+ . o o |
|o+ + . |
|.ooo+. |
+----[SHA256]-----+
将公钥.pub部署到目标服务
ssh-copy-id -i ~/.ssh/id_rsa.pub -p 28292 root@64.64.225.176
# 过程中会让你输入目标服务器的密码
# 如果使用的是非root用户,可能会有文件权限的问题,可以从文件夹、文件赋权解决问题
这一步就是将公钥数据写入到目标服务器authorized_keys文件中,完成这一步的方式很多
通过scp远程复制到目标服务器上
scp -P 28292 -r ~/.ssh/id_rsa.pub root@64.64.225.176:/root/.ssh/authorized_keys可以手动将文件上传到目标服务器.ssh/文件夹中(这里在哪不限,只要下面命名路径修改对就行),然后读取内容并写入到authorized_keys文件中
cat id_rsa.pub >> ~/.ssh/authorized_keys
