LINUX用户建立秘钥认证实现SHELL脚本管理、分发和部署

3.将公钥（锁）分发到SSH服务端：（ssh client）

# ssh-copy-id -i .ssh/id_dsa.pub 192.168.100.29

注：若非root用户，以及自定义SSH端口，则格式为：

# ssh-copy-id -i .ssh/id_rsa.pub "-p 22 user@server"

输入yes,然后密码后回车：

----------------------------

The authenticity of host '192.168.100.30 (192.168.100.30)' can't be established.

RSA key fingerprint is fc:9b:2e:38:3b:04:18:67:16:8f:dd:94:a8:bd:08:03.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.100.30' (RSA) to the list of known hosts.

Address 192.168.100.30 maps to bogon, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!

root@192.168.100.30's password:

Now try logging into the machine, with "ssh '192.168.100.30'", and check in:

 .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

-----------------------------

公钥分发完毕

4.服务端查看收到的分发文件：（ssh server）

# ll /root/.ssh

-------------

总用量 4

-rw------- 1 root root 613 6月   6 23:29 authorized_keys

-------------

成功收到

5.客户端验证登陆：（ssh client）

查看服务端IP地址：

# ssh 192.168.100.29 /sbin/ifconfig eth0

-----------------------

Address 192.168.100.29 maps to bogon, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!

eth0      Link encap:Ethernet  HWaddr 00:0C:29:7A:4F:30  

       inet addr:192.168.100.29  Bcast:192.168.100.255  Mask:255.255.255.0

       inet6 addr: fe80::20c:29ff:fe7a:4f30/64 Scope:Link

       UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

       RX packets:184297 errors:0 dropped:0 overruns:0 frame:0

       TX packets:162028 errors:0 dropped:0 overruns:0 carrier:0

       collisions:0 txqueuelen:1000

       RX bytes:163599380 (156.0 MiB)  TX bytes:51284830 (48.9 MiB)

       Interrupt:19 Base address:0x2000

-----------------------

注：这里遇到警告提示“Address 192.168.100.29 maps to bogon, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!”。

解决办法为修改客户端/etc/hosts文件，将服务端的ip地址与主机名对应关系写进去就可以了。

（ssh client）

# echo "192.168.100.29  server.example.com" >> /etc/hosts

重新查看

# ssh 192.168.100.29 /sbin/ifconfig eth0

无错误提示：

--------------------------

eth0      Link encap:Ethernet  HWaddr 00:0C:29:7A:4F:30  

       inet addr:192.168.100.29  Bcast:192.168.100.255  Mask:255.255.255.0

       inet6 addr: fe80::20c:29ff:fe7a:4f30/64 Scope:Link

       UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

       RX packets:184530 errors:0 dropped:0 overruns:0 frame:0

       TX packets:162264 errors:0 dropped:0 overruns:0 carrier:0

       collisions:0 txqueuelen:1000

       RX bytes:163618650 (156.0 MiB)  TX bytes:51304877 (48.9 MiB)

       Interrupt:19 Base address:0x2000

---------------------------

查看服务端内存

# ssh 192.168.100.29 free -m

--------------------------

          total       used       free     shared    buffers     cached

（编辑：佛山站长网）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!