centos下scp实现免密拷贝

服务器A需要传输文件至B即A生成密钥B保存密钥
A_ip:192.168.0.1
B_ip:192.168.0.2

一、A服务生成公钥和私钥

[root@nginx ~]# ssh-keygen  #生产公钥和私钥一路回车
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:UB3AQ0pZ1UP/kZUL5YYRm2ND4Wv3dGS+wUFoRBIPv0Y root@nginx
The key's randomart image is:
+---[RSA 2048]----+
| .==+oB=B=oo|
| ..oo . X=B.o|
| o . .Eo*+|
| . o B*o|
| S = +=|
| o ..=|
| ..|
| |
| |
+----[SHA256]-----+

二、将A公钥拷贝到B

[root@nginx ~]# ssh-copy-id root@192.168.0.2 #将A密钥拷贝到B
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '[192.168.0.2]:22([192.168.0.2]:22)' can't be established.
ECDSA key fingerprint is SHA256:vzoV5jlVZ8X5GV/SIStmV0j0ua22W16mUotMaqBBhqE.
ECDSA key fingerprint is MD5:37:ea:d2:fb:36:6f:1d:49:54:b6:6e:3c:49:86:38:04.
Are you sure you want to continue connecting (yes/no)? yes #yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.0.2's password: #输入B的密码

Number of key(s) added: 1

Now try logging into the machine, with: "ssh -p '22' '192.168.0.2'" #配置完成
and check to make sure that only the key(s) you wanted were added.

三、测试

[root@nginx ~]# scp  test.yml 192.168.0.2:/opt
test.yml 100% 494 429.8KB/s 00:00

四、注意

秘钥文件默认在用户的家目录下
[root@nginx .ssh]# cd /root/.ssh/
[root@nginx .ssh]# ls
id_rsa id_rsa.pub known_hosts
id_rsa 私钥
id_rsa.pub 公钥
known_hosts 谁登陆过我的记录

密钥推给谁我登录谁就不需要输密码了。