在此之前,将自己服务器的公钥拷贝上远程服务器上,加添到~/.ssh/authorized_keys文件中。可以用ssh-keygen -t rsa 或者 ssh-keygen -t dsa命令生成公钥和私钥。这一点不难,最关键的是要留意远程服务器上的文件和目录的权限问题。
Make sure the permissions on the ~/.ssh directory and its contents are proper. When I first set up my ssh key auth, I didn't have the ~/.ssh folder properly set up, and it yelled at me.
- Your home directory ~ and your ~/.ssh directory on the remote machine must be writable only by you: rwx------ and rwxr-xr-x are fine, but rwxrwx--- is no good, even if you are the only user in your group (if you prefer numeric modes: 700 or 755, not 775).
- Your private key file (on the local machine) must be readable and writable only by you: rw-------, i.e. 600.
- Your ~/.ssh/authorized_keys file (on the remote machine) must be readable (at least 400), but you'll need it to be also writable (600) if you will add any more keys to it.
- Also, if SELinux is set to enforcing, you may need to run restorecon -R -v ~/.ssh (see e.g. Ubuntu bug 965663 and Debian bug #658675; this is patched in CentOS 6).
参考:http://unix.stackexchange.com/questions/36540/why-am-i-still-getting-a-password-prompt-with-ssh-with-public-key-authentication