假设从A主机ssh登录B主机，用秘钥代替密码，步骤如下：



1、在A主机上执行：ssh-keygen -t rsa

一切默认，不用输入密码，生成两个文件：

/root/.ssh/id_rsa

/root/.ssh/id_rsa.pub



2、生成authorized_keys文件：

touch /root/.ssh/authorized_keys

cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

chmod 700 /root/.ssh/id_rsa



3、把authorized_keys文件拷贝到B主机上：

scp /root/.ssh/authorized_keys root@xx.xx.xx.xx:/root/.ssh/

如果B主机上没有/root/.ssh目录，则先登录到B主机上执行ssh-keygen -t rsa，再拷贝authorized_keys文件。



4、完成



5、如果以后某个主机的IP发生了调整，SSH时出现如下错误，按照前面的操作重新执行一遍即可。

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone Could be eavesdropping on you right Now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
a0:70:17:12:e3:3c:ed:ae:1c:2b:b7:2a:10:c7:bf:8f.
Please contact your system administrator.
Add correct host key in /root/.ssh/kNown_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/kNown_hosts:8
ECDSA host key for 10.2.169.48 has changed and you have requested strict checking.
Host key verification Failed.

参考： http://www.cnblogs.com/lavezhang/p/5533294.html