服務器與服務器進行scp,備份時都需要密碼的認證造成了很多不便,以及安全的隱患,利用ssh的證書認證可以方便的進行備份與拷貝,提高了安全性能。
方法如下:
在服務器A上:創建密鑰
[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
然後進行
scp id_rsa.pub ip:.ssh/authorized_keys
cat id_rsa.pub >> authorized_keys
拷貝到服務器B上,然後再服務器B上重復A的操作即完成雙向認證。
注:如果沒有root下沒有.ssh請建立一個即可。