#免密ssh/秘钥登录

# 安装依赖
apt install -y openssh-server
# 生成密钥
ssh-keygen -t rsa -b 4096 -N "" -f /root/.ssh/id_rsa
# 方法1: 直接发送到目标机器
ssh-copy-id root@192.168.1.1

# 方法2: 实现本地免密登录(/root/.ssh/id_rsa 为登录时需要的密钥)
mkdir -p /root/.ssh/
touch /root/.ssh/authorized_keys
cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
chmod 700 /root/.ssh/
# 同类型的机器也可以把 /root/.ssh/id_rsa.pub 写入别的机器
# 然后下载 /root/.ssh/id_rsa 作为我们连接使用的密钥

username=test
useradd -m ${username}
mkdir -p /home/${username}/.ssh/
ssh-keygen -t rsa -b 4096 -N "" -f /home/${username}/.ssh/id_rsa
touch /home/${username}/.ssh/authorized_keys
cat /home/${username}/.ssh/id_rsa.pub >> /home/${username}/.ssh/authorized_keys
chmod 600 /home/${username}/.ssh/authorized_keys
chmod 700 /home/${username}/.ssh/
chown -R ${username}:${username} /home/${username}/.ssh