摘要:
ssh-keygenSSH-keygen参数说明-code.world-博客园(cnblogs.com)ssh-keygen的详解_快乐&&平凡-CSDN博客_ssh-keygenDSA与RSA_博客&brz-CSDN博客加解密篇-非对称加密算法(RSA、DSA、ECC、DH)_u014294681的博客-CSDN博客_非对称加密算法配置主机互信ssh-keygenssh-copy-id10.1.
ssh-keygen
SSH-keygen参数说明 - code.world - 博客园 (cnblogs.com)
ssh-keygen 的 详解_快乐&&平凡-CSDN博客_ssh-keygen
加解密篇 -非对称加密算法 (RSA、DSA、ECC、DH)_u014294681的博客-CSDN博客_非对称加密算法
配置主机互信
ssh-keygen ssh-copy-id 10.1.10.71 ssh-copy-id 10.1.10.72 ssh-copy-id 10.1.10.73 或 ssh-keygen -t rsa ssh-copy-id -i /root/.ssh/id_rsa.pub root@controller01 ssh-copy-id -i /root/.ssh/id_rsa.pub root@controller02 ssh-copy-id -i /root/.ssh/id_rsa.pub root@controller03
删除互信
[root@localhost .ssh]# pwd /root/.ssh[root@localhost .ssh]# ls -a . .. authorized_keys [root@localhost .ssh]# rm -rf authorized_keys
删除ECDSA key
[root@localhost .ssh]# pwd /root/.ssh[root@localhost .ssh]# ls -a . .. authorized_keys id_rsa id_rsa.pub known_hosts [root@localhost .ssh]# catknown_hosts 10.1.10.72 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDm82gKqV6SlFxY21++gLDal5WwPT2gkubLc9uJbnRaL7XCty953KtWdMBlMklyFgG3j/dg8NameOeAy6QiPfEA=
sshpass
sshpass用于非交互SSH的密码验证,一般用在sh脚本中,无须手动输入密码
yum -y install sshpass
sshpass用法_时光Boy的博客-CSDN博客_sshpass
sshpass-Linux命令之非交互SSH密码验证 - chenlaichao - 博客园 (cnblogs.com)
利用sshpass批量实现基于key验证
1.免应答known_hosts
echo 'StrictHostKeyChecking no' > ~/.ssh/config
SSH之known_hosts文件_EricXiao666的博客-CSDN博客
ssh密钥登陆,免输入yes和更新known_hosts文件_weixin_34149796的博客-CSDN博客
2.shell脚本
ssh-keygen -t rsa -f /root/.ssh/id_rsa -P ''NET=10.1.10export SSHPASS=1## 密码 for IP in {1..200};dosshpass -e ssh-copy-id $NET.$IP ## -e参数通过前面SSHPASS定义密码 done
报错1:
[root@localhost ~]# ssh-copy-id 10.1.10.72
/usr/bin/ssh-copy-id: ERROR: failed to open ID file '/root/.pub': No such file or directory
(to install the contents of '/root/.pub' anyway, look at the -f option)
解决1:
ssh-keygen -t rsa
##