SSH远程连接命令:
用法格式:ssh IPADDR 不指定用户则以当前主机登录系统的用户身份去登录远程主机
ssh [email protected] 通过ssh协议以某用户身份远程登录到某主机
Usage: ssh [email protected] 以root身份通过ssh协议远程登录到192.168.1.100主机
ssh -l USERNAME IPADDR 相当于ssh [email protected]登录模式一样
ssh [email protected] ‘COMMOND‘ 以USERNAME用户在远程主机上执行COMMOND命令。
SCP远程复制命令:
用法格式:scp SRC原文件或目录 DEST目标目录 跟cp命令一样
-r:目录也复制
-a:隐藏文件,链接文件都一起复制
scp [email protected]:/path/to/somefile /path/to/local 从远程主机复制到本地主机来
scp /path/to/local [email protected]:/path/to/somefile 从本地主机复制到远程主机上
ssh-keygen -t rsa 生成密钥
生成的密钥保存在以下路径
私钥密钥保存至:~/.ssh/id_rsa 当前生成用户的家目录下
公钥密钥保存至:~/.ssh/id_rsa.pub
-f /path/to/KEY_FILE 指定密码保存路径和文件名
-P ‘password‘:指定加密私钥的密码
公钥追加保存至远程主机相对应用户的家目录下的~/.ssh/authorized_keys文件或 ~/.ssh/authorized_keys2文件中,一般追加保存至authorized_keys文件中
ssh-copy-id:将公钥传输至远程服务器 ~/.ssh/id_rsa.pub公钥的保存位置
ssh-copy-id 该命令并不是所有linux版本都支持
-i ~/.ssh/id_rsa.pub [email protected]
Usage: ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
实例:如何实现通过ssh远程登录主机不需要输入密码认证
方法一:把生成的公钥追加保存至远端服务器相对应的家目录下的
~/.ssh/authorized_keys文件中即可
[[email protected] ~]# ssh-keygen -t rsa 生成密钥
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa. 私钥路径
Your public key has been saved in /root/.ssh/id_rsa.pub. 公钥路径
The key fingerprint is:
c6:30:84:08:94:ff:91:58:82:56:25:d4:4b:53:98:e3 [email protected]
[[email protected] ~]# ls /root/.ssh/id_rsa
/root/.ssh/id_rsa
[[email protected] ~]# ls /root/.ssh/id_rsa.pub
/root/.ssh/id_rsa.pub
[[email protected] ~]# scp /root/.ssh/id_rsa.pub [email protected]:/root 首先把本地生成的 公钥复制到远程主机的家目录中
[[email protected] ~]# ssh [email protected] 先远程登录到主机
[[email protected] ~]# ls
id_rsa.pub install.log install.log.syslog
[[email protected] ~]# mkdir .ssh 远程主机没有.ssh目录需要新建该目录,且目录权限必须为700
[[email protected] ~]# chmod 700 .ssh/ 更改权限为700
[[email protected] ~]#cat ~/id_rsa.pub >> ~/.ssh/authorized_keys 追加保存
[[email protected] ~]#exit 退出远程主机后再通过ssh登录后及可不需要输入密码就登录
方法二:先生成密钥,然后通过命令直接复制至远程主机中
[[email protected] ~]# ssh-keygen -t rsa 生成密钥
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa. 私钥路径
Your public key has been saved in /root/.ssh/id_rsa.pub. 公钥路径
The key fingerprint is:
c6:30:84:08:94:ff:91:58:82:56:25:d4:4b:53:98:e3 [email protected]
[[email protected] ~]# ls /root/.ssh/id_rsa
/root/.ssh/id_rsa
[[email protected] ~]# ls /root/.ssh/id_rsa.pub
/root/.ssh/id_rsa.pub
[[email protected] ~]# ssh-copy-id -i /root/.ssh/id_rsd.pub [email protected]
[[email protected] ~]# ssh [email protected]重新通过ssh登录远端主机后不用输入密码即可登录