#免密ssh/秘钥登录
#root用户创建
# 安装依赖
apt install -y openssh-server
# 生成秘钥
ssh-keygen -t rsa -b 4096 -N "" -f /root/.ssh/id_rsa
# 方法1、直接发送到机器
ssh-copy-id root@192.168.1.1
# 方法2、实现本地免密登录(/root/.ssh/id_rsa为登录时候需要的key)
mkdir -p /root/.ssh/
touch /root/.ssh/authorized_keys
cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
chmod 700 /root/.ssh/
# 同类型的机器也可以把/root/.ssh/id_rsa.pub写入别的机器
# 然后下载/root/.ssh/id_rsa为我们连接使用的秘钥#子用户创建
username=test
useradd -m ${username}
mkdir -p /home/${username}/.ssh/
ssh-keygen -t rsa -b 4096 -N "" -f /home/${username}/.ssh/id_rsa
touch /home/${username}/.ssh/authorized_keys
cat /home/${username}/.ssh/id_rsa.pub >> /home/${username}/.ssh/authorized_keys
chmod 600 /home/${username}/.ssh/authorized_keys
chmod 700 /home/${username}/.ssh/
chown -R ${username}:${username} /home/${username}/.sshTip
创建仅用于代理的用户可以再执行chsh -s /bin/false ${username}