ssh-copy-id nos permite generar nuestra propia clave RSA y copiarla a los servidores que queramos, y de esta forma ya no será necesario escribir el password de cada servidor.
Primero generamos la contraseña y no le ponemos password.
# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: be:11:15:e3:6a:dc:a6:a6:7e:e9:6c:7b:9f:30:28:40 root@poe The key's randomart image is: +--[ RSA 2048]----+ | o | | . o | | E o | | . . + | | . S o | | . o = | | . *.o | | =+o.o . | | .o+=o .o | +-----------------+
Ahora copiamos la clave al servidor
# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.1.254
The authenticity of host '192.168.1.254 (192.168.1.254)' can't be established. RSA key fingerprint is db:d0:45:cc:78:cf:10:4a:c6:80:c5:ff:a6:10:3a:43. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.1.254' (RSA) to the list of known hosts. root@192.168.1.254's password: Now try logging into the machine, with "ssh 'root@192.168.1.254'", and check in: ~/.ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.Y ahora intentamos conectar al servidor :
# ssh root@192.168.1.254 Last login: Sun Jun 26 19:33:41 2011Si elegimos poner contraseña a nuestra clave RSA, cada vez que hagamos uso de la clave nos pedirá el password, de forma que sólo necesitamos recordar un password
# ssh root@192.168.1.254
Enter passphrase for key '/root/.ssh/id_rsa':
Si queremos comprobar en el servidor qué usuarios tienen acceso, tenemos que echar un vistazo al archivo .ssh/authorized_keys :
# cat .ssh/authorized_keys
ssh-rsa ----clave ---- usuario@equipo ssh-rsa ----clave----- usuario@equipo
