CentOS6.5 SSH双机互信

在很多时候，需要用到ssh登录到另外一台服务器上，而每次登录都需要输入密码，这里就可以使用双击互信来避免频繁的输入密码

node1：192.168.5.130
node2：192.168.5.131

在node1上生成公钥和私钥

[root@node1 ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ''
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
c2:17:32:d6:43:1b:40:18:05:73:29:75:31:7b:1a:9a root@node1
The key's randomart image is:
+--[ RSA 2048]----+
|    +B*o*.       |
|    oo.+ =       |
|     .+ B .      |
|     o = *       |
|      E S        |
|       o         |
|                 |
|                 |
|                 |
+-----------------+
[root@node1 ~]# ssh-copy-id -i .ssh/id_rsa.pub root@node2
The authenticity of host 'node2 (192.168.5.131)' can't be established.
RSA key fingerprint is 86:5f:78:00:03:3f:67:5b:78:3e:c4:ef:a7:b0:f5:69.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node2,192.168.5.131' (RSA) to the list of known hosts.
root@node2's password:
Now try logging into the machine, with "ssh 'root@node2'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@node1 ~]# ssh node2 'hostname'
node2
[root@node1 ~]#

在node2上生成公钥和私钥

[root@node2 ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ''
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
73:74:9e:ba:d5:7e:4b:69:7d:f1:62:cd:93:6a:af:99 root@node2
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|                 |
|          . .    |
|         . o .   |
|        S . o  . |
|         o . . o*|
|          . . +**|
|           o +*.+|
|          . .E++.|
+-----------------+
[root@node2 ~]# ssh-copy-id -i .ssh/id_rsa.pub root@node1
The authenticity of host 'node1 (192.168.5.130)' can't be established.
RSA key fingerprint is b2:c5:bc:d3:f4:e0:94:35:fd:79:91:8a:4c:2c:1e:4b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node1,192.168.5.130' (RSA) to the list of known hosts.
root@node1's password:
Now try logging into the machine, with "ssh 'root@node1'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@node2 ~]# ssh node1 'hostname'
node1
[root@node2 ~]#

有时候也会遇到本机登录本机的情况，也可使用这种方式来本机信任本机

[root@node1 ~]# ssh-copy-id localhost
root@localhost's password:
Now try logging into the machine, with "ssh 'localhost'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@node1 ~]#
[root@node2 ~]# ssh-copy-id localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is 86:5f:78:00:03:3f:67:5b:78:3e:c4:ef:a7:b0:f5:69.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
root@localhost's password:
Now try logging into the machine, with "ssh 'localhost'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@node2 ~]#

注：若主机名无法解析，可将解析信息添加到/etc/hosts中或直接使用IP