[root@localhost .ssh]# /usr/bin/ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

30:f6:d7:2a:ac:56:eb:3f:fa:40:25:8d:90:96:68:cb

root@localhost.localdomain

在主機/.ssh目錄下生成密匙

使用ssh的rsa密匙

其中

id_rsa 私匙

id_rsa.pub 公匙

下述命令產生不同類型的密鑰

ssh-keygen -t dsa

ssh-keygen -t rsa

ssh-keygen -t rsa1

[root@localhost .ssh]# scp /root/.ssh/id_rsa.pubroot@172.16.142.5:/root/.ssh/authorized_keys

The authenticity of host '172.16.142.5 (172.16.142.5)' can't be established.

RSA key fingerprint is 4b:a5:74:fb:2e:08:60:af:fa:76:d4:b0:26:4c:13:75.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '172.16.142.5' (RSA) to the list of known hosts.

root@172.16.142.5's password:

id_rsa.pub ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?100% 236 ? ? 0.2KB/s ? 00:00

說明：

將公鑰拷貝到遠端主機，并寫入授權列表文件

你也可以把公鑰文件拷貝過去后，在遠端主機下直接執(zhí)行

touch /root/.ssh/authorized_keys

cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

3

操作完畢，登陸檢查。

[root@localhost .ssh]# ssh 172.16.142.5

root@172.16.142.5's password:

請注意此時如果仍提示輸入密碼，請檢查如下文件夾和文件的操作權限，這是非常重要的， 否則ssh公鑰認證體制不能正常工作：

172.16.142.4（客戶端）

/home/root文件夾的權限是600

/home/root/.ssh文件夾的權限是600 （好像這個權限關系不是很大）

/home/root/.ssh/id_dsa私鑰的權限600

172.16.142.5（遠端主機）

/home/root文件夾的權限是644

/home/root/.ssh文件夾的權限是644 （好像這個權限關系不是很大）

/root/.ssh/authorized_keys公鑰的權限644

4

[root@localhost ~]# ssh 172.16.142.5

Last login: Sat Dec 15 21:10:17 2007 from 172.16.142.4

[root@localhost ~]#

無密碼SSH登陸成功！