메뉴 닫기

ssh 패스워드 없이 로그인 하기

접속 방식

  • client장비에서 sshkey 생성
client$ ssh-keygen
 Generating public/private rsa key pair.
 Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'.
 Enter passphrase (empty for no passphrase): #엔터키 입력
 Enter same passphrase again:                #엔터키 입력
 Your identification has been saved in /root/.ssh/id_rsa.
 Your public key has been saved in /root/.ssh/id_rsa.pub.
 The key fingerprint is:
 SHA256:123123 root@client
 The key's randomart image is:
 +---[RSA 2048]----+
 |                 |
 |         . .     |
 |        . =      |
 |       . +.+     |
 |        S.o=o. . |
 |          o= + .| |        .+.o=o+o|
 |       .oo=oB*+oE|
 |        o==B+o+==|
 +----[SHA256]-----+
  • server 1~3까지 ssh 키 복사
  • 1. ssh-copy-id 명령어를 이용한 키 복사 (둘중에 하나만 사용하면 됩니다.)
client$ ssh-copy-id  192.168.10.101
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
 The authenticity of host '192.168.10.101 (192.168.10.101)' can't be established.
 ECDSA key fingerprint is SHA256:123412ss.
 ECDSA key fingerprint is MD5:01:15:23:36:78:47:11:ca:19:7a:20:30:e7:41:77:b2.
 Are you sure you want to continue connecting (yes/no)? yes #최초접속의 경우 yes 입력
 /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
 /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
 root@192.168.10.101's password: #server장비의 root패스워드 입력
 Number of key(s) added: 1
 Now try logging into the machine, with:   "ssh 'root@192.168.10.101'"
 and check to make sure that only the key(s) you wanted were added.
  • 파일 복사를 이용한 키 복사
    1. client에서 수행
client$ cat id_rsa.pub (출력되는 전체 텍스트 복사)
 ssh-rsa 123QWE root@client
  1. server에서 수행
server$ mkdir .ssh/
server$ echo "복사한 텍스트 붙여넣기" > authorized_keys
server$ chmod 700 .ssh
server$ chmod 600 .ssh/authorized_keys
  • client에서 sever로 ssh 접속 테스트
client$ hostname
client
server$ ssh 192.168.10.101
server$ hostname
server

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 항목은 *(으)로 표시합니다

[+] kaskus emoticons nartzco