ssh 패스워드 없이 로그인 하기

ssh 공개 키 인증 방식 사용

키 쌍 생성

ssh-keygen -t rsa 명령어를 이용해 개인 키와 공개 키를 생성

 - id_rsa : 개인 키 (~/.ssh/id_rsa)

 - id_rsa.pub : 공개 키 (~/.ssh/id_rsa.pub)

[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:m8Bzt3A1GI6x8TClWIzhxwGI+DNamh+Q6EqYZdVPG0Q root@localhost
The key's randomart image is:
+---[RSA 3072]----+
| . . ooBE.o      |
|. . o.o++% o     |
|.o .  oo*o+ o    |
|+ B  . .o  . .   |
|oX o  + S o      |
|*o.    + * .     |
|o. .    o .      |
|. .              |
|                 |
+----[SHA256]-----+

 

공개 키를 원격 서버에 복사

ssh-copy-id [사용자]@[원격지IP]

# 방법1
[root@localhost ~]# ssh-copy-id root@192.168.100.150
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.100.150 (192.168.100.150)' can't be established.
ED25519 key fingerprint is SHA256:adJ1VdR4JMS5m8ZYdQgIkY8KrHPr/M/GFhrp2Wvbp+w.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.100.150's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.100.150'"
and check to make sure that only the key(s) you wanted were added.

 

패스워드 없이 로그인

[root@localhost ~]# ssh root@192.168.100.150
Last login: Fri Nov 29 22:26:27 2024 from 192.168.100.1

 

원격지 서버 설정 확인

ssh 설정 파일 (/etc/ssh/sshd_config)

# 공개 키 인증 활성화 옵션
PubkeyAuthentication yes (default : yes)

# 이 설정을 활성화 하면, 오직 공개 키 인증만 사용할 수 있습니다.
PasswordAuthentication no (default : yes)