在Linux服务器、客户端之间构建密钥对验证进行远程连接

[zhangsan@localhost /]$ ssh-keygen -t ecdsa         # -t 用来指定算法类型：ecdsa和dsa
Generating public/private ecdsa key pair.
Enter file in which to save the key (/home/zhangsan/.ssh/id_ecdsa):     # 指定私钥位置
Created directory '/home/zhangsan/.ssh'.
Enter passphrase (empty for no passphrase):             # 设置私钥短语
Enter same passphrase again:                            # 确认所设置的私钥短语
Your identification has been saved in /home/zhangsan/.ssh/id_ecdsa.
Your public key has been saved in /home/zhangsan/.ssh/id_ecdsa.pub.
The key fingerprint is:
81:3b:35:3b:8f:12:60:ba:f5:68:57:b0:ae:35:2c:fe zhangsan@localhost.localdomain
The key's randomart image is:
+--[ECDSA  256]---+
|                 |
|       .         |
|    o o +        |
|   o . = +       |
|  . . = S        |                                      # 一般出来左边这一串就说明对了
|   o = + +       |
|  . + O . .      |
|   o = o         |
|    o.E          |
+-----------------+

[zhangsan@localhost /]$ ssh-copy-id -i ~/.ssh/id_ecdsa.pub lisi@192.168.1.20 -p 2345                         # -i 选项用来指定公钥文件
The authenticity of host '[192.168.1.20]:2345 ([192.168.1.20]:2345)' can't be established.
ECDSA key fingerprint is 68:df:0f:ac:c7:75:df:02:88:7d:36:6a:1a:ae:27:23.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
lisi@192.168.1.20's password:           # lisi 用户的密码    验证后会将公钥添加到lisi宿主目录下的./sshauthorized_keys 文件

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p '2345' 'lisi@192.168.1.20'"
and check to make sure that only the key(s) you wanted were added.

[zhangsan@localhost /]$ ssh -p 2345 lisi@192.168.1.20
Enter passphrase for key '/home/zhangsan/.ssh/id_ecdsa':        # 这里输入私钥短语，就不需要输入lisi的密码了
Last login: Fri Aug 16 18:19:48 2019 from 192.168.1.10
[lisi@mysql ~]$