1. Client端生成密钥：ssh-keygen -t rsa
2. 在Client端传送公钥到Server: ssh-copy-id -i
[root@server1 ~]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 2a:73:a3:97:2f:61:99:3c:e9:d2:a4:5b:0c:e3:ff:88 firstname.lastname@example.org The key's randomart image is: +--[ RSA 2048]----+ | | | | | | | | | o. +S | | . +X. | | +**+ | | oO*o | | E+o+o | +-----------------+ [root@server1 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub email@example.com The authenticity of host '192.168.122.50 (192.168.122.50)' can't be established. RSA key fingerprint is 7e:3d:31:51:23:f0:08:d2:d6:a5:07:97:82:2e:84:fa. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.122.50' (RSA) to the list of known hosts. firstname.lastname@example.org's password: Now try logging into the machine, with "ssh 'email@example.com'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.