ssh-agent: certificate (public key) login

# ssh-agent bash
ssh-add -l
ssh-add /root/.ssh/xyzn_api
git pull origin master

===================
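Machine A configuration
1. Generate the key pair (the note calls this the "CA" key; ssh-keygen -t rsa creates an ordinary user key pair)
# ssh-keygen -t rsa           (press Enter three times; this generates the public and private key locally, with no passphrase)

2. Copy the public key to machine B
# scp ~/.ssh/id_rsa.pub root@<B's IP>:/root/.ssh/id_rsa.pub  (password required)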
===================
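Machine B configuration
① Create the authorized_keys2 file
# more /etc/ssh/sshd_config | grep authorized (confirm that AuthorizedKeysFile lists .ssh/authorized_keys2)
# touch /root/.ssh/authorized_keys2 (skip this step if the file already exists)

② Append the public key to authorized_keys2
# cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys2 (appends the contents of id_rsa.pub to authorized_keys2)

3. Verify SSH certificate login (run from machine A)
# ssh root@<B's IP> (no passphrase was set on the private key, so no password is needed; login succeeds)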

Copy the SSH key to the server
ssh-copy-id -i ~/.ssh/id_rsa.pub username@server -p 22
Mind the permissions:
chmod 600 ~/.ssh/config
chattr -i ~/.ssh/config
Common SSH configuration options

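Host                      alias
HostName                  host name
Port                      port
User                      user name
IdentityFile              path to the key file
IdentitiesOnly            use only the keys configured with IdentityFile, not every key the agent offers
PreferredAuthentications  order of authentication methods to try; set to publickey to force public key authentication

Reference example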

# vim ~/.ssh/config
Host test
    HostName 192.168.0.2
    User root
    Port 22
    IdentityFile ~/.ssh/id_rsa

Host muji
    HostName 172.17.0.1
    User root
    Port 22
    IdentityFile ~/.ssh/id_rsa
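
The Host blocks above set IdentityFile but not IdentitiesOnly, so with keys loaded in ssh-agent (as at the top of this note) ssh still offers every agent key to the server. As an added example, not part of the original note: a shell function that lists each Host block and flags that case. The `hardened` and `bare` blocks in the sample are constructed.

```shell
# Added example (not from the original note): list each Host block of an ssh
# client config and flag IdentityFile without "IdentitiesOnly yes".
audit_ssh_config() {    # reads the file given as $1, or stdin if none
    awk '
    function report() {
        if (host == "") return
        if (!idfile)    print host "\tno-IdentityFile"
        else if (!only) print host "\tmissing-IdentitiesOnly"
        else            print host "\tok"
    }
    {
        sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "")
        if ($0 == "" || $0 ~ /^#/) next
        # "Keyword value" and "Keyword=value" are both valid; keywords ignore case
        if (!match($0, /[ \t=]+/)) next
        key = tolower(substr($0, 1, RSTART - 1))
        val = substr($0, RSTART + RLENGTH)
        if (key == "host") {
            report(); host = val; idfile = 0; only = gonly
        } else if (key == "identityfile") {
            idfile = 1
        } else if (key == "identitiesonly" && tolower(val) == "yes") {
            only = 1
            if (host == "") gonly = 1   # set before any Host line: global
        }
    }
    END { report() }
    ' "${1:--}"
}

# Constructed sample: the "test" block from the note plus two hypothetical ones.
sample_config() {
    cat <<'EOF'
Host test
    HostName 192.168.0.2
    User root
    IdentityFile ~/.ssh/id_rsa
Host hardened
    HostName 172.17.0.1
    IdentityFile=~/.ssh/id_rsa
    identitiesonly yes
Host bare
    HostName 10.0.0.1
EOF
}

sample_config | audit_ssh_config
```

`ssh -G test` prints the effective settings for a host, including any `Host *` defaults that this parser does not merge.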