日期:2014-05-16  浏览次数:20803 次

[转]Linux:如何使得执行scp命令时不需要输入用户密码
转自:http://blog.tianya.cn/blogger/post_read.asp?BlogID=3668847&PostID=32922633
由于很多部门需要从公司服务器后台的数据库中去拉报表,
  
    且因为每个部门对数据库表的需求、字段的需求不一样,
  
    例如:
  
    客服可能需要用户表、仓库产品表。
  
    而产品部门却需要产品列表等。
  
    这样会导致数据库反复的去检索查询数据库中的数据,并且在前段用户同时访问的情况下,这样就无形的导致
  
    数据库系统以及操作系统的压力过大。
  
    为解决这个问题,所以准备将数据库整个目录定时备份到另一台机器上,然后使得需要拉报表的人员从这台backup的机器上去拉报表。
  
    ========================================================================================================
  
    问题出现:
  
    但是这时候写脚本,问题就出现,因为我要从这个“执行脚本”的机器上面备份到另一台“接收数据”的机器上去。
  
    这时候就想到了SCP命令。
  
    但是我们知道在使用SCP命令的时候,其中因为安全机制的问题会跳出输入密码的部分,而且如果两台机器如果是第一次互相通信,
  
    那么还会出现如下的需要确认的信息:
  
    [root@test2 idaphne]# scp -rv 1.txt roo@192.168.2.70:/root/scripts/
  
    Executing: program /usr/bin/ssh host 192.168.2.70, user roo, command scp -v -r -t /root/scripts/
  
    OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
  
    debug1: Reading configuration data /etc/ssh/ssh_config
  
    debug1: Applying options for *
  
    debug1: Connecting to 192.168.2.70 [192.168.2.70] port 22.
  
    debug1: Connection established.
  
    debug1: permanently_set_uid: 0/0
  
    debug1: identity file /root/.ssh/identity type -1
  
    debug1: identity file /root/.ssh/id_rsa type -1
  
    debug1: identity file /root/.ssh/id_dsa type -1
  
    debug1: loaded 3 keys
  
    debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
  
    debug1: match: OpenSSH_4.3 pat OpenSSH*
  
    debug1: Enabling compatibility mode for protocol 2.0
  
    debug1: Local version string SSH-2.0-OpenSSH_4.3
  
    debug1: SSH2_MSG_KEXINIT sent
  
    debug1: SSH2_MSG_KEXINIT received
  
    debug1: kex: server->client aes128-cbc hmac-md5 none
  
    debug1: kex: client->server aes128-cbc hmac-md5 none
  
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  
    The authenticity of host '192.168.2.70 (192.168.2.70)' can't be established.
  
    RSA key fingerprint is 3d:33:ce:58:2c:27:6a:bb:93:19:14:f7:7b:bc:42:8a.
  
    Are you sure you want to continue connecting (yes/no)?
  
    上面最后一行,就已经提示输入yes或是no了。这是两台机器建立临时信任机制的过程。
  
    通过信息我们可以想到,scp命令使用是SSH服务的22端口进行通信。所以这一步输入“yes”
  
    Are you sure you want to continue connecting (yes/no)? yes
  
    Warning: Permanently added '192.168.2.70' (RSA) to the list of known hosts.
  
    debug1: ssh_rsa_verify: signature correct
  
    debug1: SSH2_MSG_NEWKEYS sent
  
    debug1: expecting SSH2_MSG_NEWKEYS
  
    debug1: SSH2_MSG_NEWKEYS received
  
    debug1: SSH2_MSG_SERVICE_REQUEST sent
  
    debug1: SSH2_MSG_SERVICE_ACCEPT received
  
    debug1: Authentications that can continue: publickey,gssapi-with-mic,password
  
    debug1: Next authentication method: gssapi-with-mic
  
    debug1: Unspecified GSS failure. Minor code may provide more information
  
    No credentials cache found
  
    debug1: Unspecified GSS failure. Minor code may provide more information
  
    No credentials cache found
  
    debug1: Unspecified GSS failure. Minor code may provide more information
  
    No credentials cache found
  
    debug1: Next authentication method: publickey
  
    debug1: Trying private key: /root/.ssh/identity
  
    debug1: Trying