1. [email protected]$ [Note: You are on local-host here]
2. [email protected]$ ssh-keygen
3. Generating public/private rsa key pair.
4. Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key]
5. Enter passphrase (empty for no passphrase): [Press enter key]
6. Enter same passphrase again: [Pess enter key]
7. Your identification has been saved in /home/jsmith/.ssh/id_rsa.
8. Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
9. The key fingerprint is:
10. 33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9 [email protected]

1. [email protected]$ ssh-copy-id -i ~/.ssh/id_rsa.pub remote-host
2. [email protected]'s password:
3. Now try logging into the machine, with "ssh 'remote-host'", and check in:
4. .ssh/authorized_keys
5. to make sure we haven't added extra keys that you weren't expecting.

注意: ssh-copy-id 將key寫到遠端機器的 ~/ .ssh/authorized_key.檔案中

1. [email protected]$ ssh remote-host
2. Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2
3. [Note: SSH did not ask for password.]
4. [email protected]$ [Note: You are on remote-host here]

常見問題：

1. ssh-copy-id -u eucalyptus -i ~eucalyptus/.ssh/id_rsa.pub [email protected]_host

上述是給eucalyptus使用者賦予無密碼登陸的權利

[1]

1. /usr/bin/ssh-copy-id: ERROR: No identities found

使用選項 -i ，當沒有值傳遞的時候或者 如果 ~/.ssh/identity.pub 檔案不可訪問（不存在）, ssh-copy-id 將顯示上述的錯誤資訊  （ -i選項會優先使用將ssh-add -L的內容）

1. [email protected]$ ssh-agent $SHELL
2. [email protected]$ ssh-add -L
3. The agent has no identities.
4. [email protected]$ ssh-add
5. Identity added: /home/jsmith/.ssh/id_rsa (/home/jsmith/.ssh/id_rsa)
6. [email protected]$ ssh-add -L
7. ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsJIEILxftj8aSxMa3d8t6JvM79DyBV
8. aHrtPhTYpq7kIEMUNzApnyxsHpH1tQ/Ow== /home/jsmith/.ssh/id_rsa
9. [email protected]$ ssh-copy-id -i remote-host
10. [email protected]'s password:
11. Now try logging into the machine, with "ssh 'remote-host'", and check in:
12. .ssh/authorized_keys
13. to make sure we haven't added extra keys that you weren't expecting.
14. [Note: This has added the key displayed by ssh-add -L]

[2] ssh-copy-id應注意的三個小地方

1. Default public key: ssh-copy-id uses ~/.ssh/identity.pub as the default public key file (i.e when no value is passed to option -i). Instead, I wish it uses id_dsa.pub, or id_rsa.pub, or identity.pub as default keys. i.e If any one of them exist, it should copy that to the remote-host. If two or three of them exist, it should copy identity.pub as default.
2. The agent has no identities: When the ssh-agent is running and the ssh-add -L returns “The agent has no identities” (i.e no keys are added to the ssh-agent), the ssh-copy-id will still copy the message “The agent has no identities” to the remote-host’s authorized_keys entry.
3. Duplicate entry in authorized_keys: I wish ssh-copy-id validates duplicate entry on the remote-host’s authorized_keys. If you execute ssh-copy-id multiple times on the local-host, it will keep appending the same key on the remote-host’s authorized_keys file without checking for duplicates. Even with duplicate entries everything works as expected. But, I would like to have my authorized_keys file clutter free.