设置ssh无密码登录

A（192.168.0.11）主机设置了任务计划定时向B（192.168.0.4）主机拷贝一些备份文件，如果每次执行scp命令要输入B主机密码显然不能够自动完成该任务。所以设置了ssh无密码登陆，操作如下：
1、在A主机上执行ssh-keygen生成密钥对

[root@db1 ~]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): #此处设置的是密钥对存放位置，可直接回车 Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): #提示输入证书密码，直接回车（若设置密码无法做到真正的全自动） Enter same passphrase again: #提示再次输入证书密码，直接回车 Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 4e:12:fa:1a:66:79:1f:7c:0c:c5:6f:d1:60:df:40:bb root@db1 The key's randomart image is: +--[ RSA 2048]----+ | o.o | | . . + + | | . o . + .| | . . . . . . | | . . S o E | | o = o . | | = o + o | | o + . o | | . . | +-----------------+

2、将公钥上传至B主机root目录下

[root@db1 ~]# ssh-copy-id -i root@192.168.0.4 root@192.168.0.4's password: Now try logging into the machine, with "ssh 'root@192.168.0.4'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.

3、在主机B上查看~/.ssh/authorized_keys文件

[root@db2]# cat ~/.ssh/authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxSNVkzQQojcJiwEsilq6+gWayKCJVAcPJxGvwGS7jBfkF4N11+vM0yFksIB5uEnRu3aNTbTAq+VBTkR1Jct8n/MzPk8Rj4TKVAeTLLf8PjzvzIAAE9wQJSuwfSw9rd7Q07iNuiqwNd/enO+6KEkTI5q2xwbybN/2UvFnRJALkzvqmx7iNXEg3oaMz/0VJ8bMvvT8Zw62m6q+QUQdyelTa+tBpj1aMxiX3V4dKmvELOSMzvYGdccdda4WVrqhbDHQJEF0Wzcm8+IqWmwZLbHwje6gJxt8YEmGMC5cvsRNEWctI78GVheTy33RXenydne9ymTk9hW8isk4Ope4z+3bdw== root@db1

4、在主机A上操作，将本地保护私钥的密码添加到agent

[root@db1 ~]# ssh-add Enter passphrase for /root/.ssh/id_rsa: #输入在第一步操作中设置的密码，若无设置请直接回车 Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)

注意：如果提示：“Could not open a connection to your authentication agent”则先执行ssh-agent bash再执行ssh-add
5、在A主机上ssh连接B主机，没有提示输入密码即ssh成功

[root@db1 ~]# ssh 192.168.0.4 Last login: Mon Mar 3 16:15:13 2014 from 20.0.0.69

本文出自 “生命不止” 博客，请务必保留此出处http://cnlinux.blog.51cto.com/6112794/1366885