• 【转】ssh密钥的生成与使用


    原文链接:https://blog.csdn.net/u014721096/article/details/78553032

    一 客户端是linux
    1.在客户端生成密钥对

    [root@localhost ~]# ssh-keygen -t rsa <== 建立密钥对,-t代表类型,有RSA和DSA两种
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa): <==密钥文件默认存放位置,按Enter即可
    Created directory '/root/.ssh'.
    Enter passphrase (empty for no passphrase): <== 输入密钥锁码,或直接按 Enter 留空
    Enter same passphrase again: <== 再输入一遍密钥锁码
    Your identification has been saved in /root/.ssh/id_rsa. <== 生成的私钥
    Your public key has been saved in /root/.ssh/id_rsa.pub. <== 生成的公钥
    The key fingerprint is:
    SHA256:K1qy928tkk1FUuzQtlZK+poeS67vIgPvHw9lQ+KNuZ4 root@localhost.localdomain
    The key's randomart image is:
    +---[RSA 2048]----+
    | +. |
    | o * . |
    | . .O + |
    | . *. * |
    | S =+ |
    | . =... |
    | .oo =+o+ |
    | ==o+B*o. |
    | oo.=EXO. |
    +----[SHA256]-----+
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    密钥锁码在使用私钥时必须输入,这样就可以保护私钥不被盗用。当然,也可以留空,实现无密码登录,这里密钥锁码设置为空。完成上述步骤后,在 root 用户的家目录中生成了一个 .ssh 的隐藏目录,内含两个密钥文件,其中id_rsa 为私钥,id_rsa.pub 为公钥。

    2.把公钥传输至远程服务器
    这里的远程服务器是172.16.8.11

    [root@localhost ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@172.16.8.11
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
    The authenticity of host '172.16.8.11 (172.16.8.11)' can't be established.
    ECDSA key fingerprint is SHA256:IpS8Vw0F/Yxece36yQ9KhoIuxHFjSi/Ect/WHGxw//k.
    ECDSA key fingerprint is MD5:03:85:10:9a:21:75:d6:f1:7a:6e:fd:a8:08:c5:ef:59.
    Are you sure you want to continue connecting (yes/no)? yes <== 是否继续连接,回答为yes
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@172.16.8.11's password: <==输入远程主机的密码

    Number of key(s) added: 1

    Now try logging into the machine, with: "ssh 'root@172.16.8.11'"
    and check to make sure that only the key(s) you wanted were added.
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    3.测试

    [root@localhost ~]# ssh 172.16.8.11
    1
    2
    可以看出,无需输入密码即可直接登录

    二,客户端为Windows
    这里使用xshell来生成密钥对
    1.在客户端生成密钥对
    点击Xshell菜单栏的工具,选择新建用户密钥生成向导

    2.复制生成的公钥到远程主机里面 ~/.ssh/authorized_keys 文件中。如果没有.ssh目录,需要自己建立一个,并更改目录权限为700

    [root@localhost ~]# mkdir ~/.ssh
    [root@localhost ~]# chmod 700 ~/.ssh/
    [root@localhost ~]# vim ~/.ssh/authorized_keys
    1
    2
    3
    粘贴公钥的内容,保存退出

    3.测试
    用xshell新建一个窗口

    点击连接即可实现无密码登录
    ————————————————
    版权声明:本文为CSDN博主「独孤柯灵」的原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接及本声明。
    原文链接:https://blog.csdn.net/u014721096/article/details/78553032

  • 相关阅读:
    如何提高PHP执行效率
    PHP MySQL 预处理语句
    CDN拾遗
    Rendering React components to the document body
    模拟select,隐藏下拉列表的几种实现
    前端数据范式化
    其实我们可以少写点if else和switch
    [译]the cost of javascript in 2018(1)
    provisional headers are shown 知多少
    f5到底刷新了点什么,你知道吗
  • 原文地址:https://www.cnblogs.com/binzhou75/p/14526547.html
Copyright © 2020-2023  润新知