• UNIX SSH证书认证来取代普通的密码认证

    [oracle@june2 ~]$ ssh 10.10.17.3
The authenticity of host '10.10.17.3 (10.10.17.3)' can't be established.
RSA key fingerprint is 1f:6c:5f:a9:fb:cc:0e:a7:e8:68:a3:d7:96:af:3b:e7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.10.17.3' (RSA) to the list of known hosts.
oracle@10.10.17.3's password: 


需要密码:
登陆10.10.17.2执行
[oracle@june2 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/oracle/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /oracle/.ssh/id_rsa.
Your public key has been saved in /oracle/.ssh/id_rsa.pub.
The key fingerprint is:
c3:73:91:bb:9e:2a:eb:6a:45:42:f0:ff:68:2c:9c:87 oracle@june


登陆10.10.17.3执行

[oracle@june3 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/oracle/.ssh/id_rsa): 
Created directory '/oracle/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /oracle/.ssh/id_rsa.
Your public key has been saved in /oracle/.ssh/id_rsa.pub.
The key fingerprint is:
00:2a:31:69:93:52:0a:97:1c:d9:7f:46:40:30:66:7b oracle@june

[oracle@june2 .ssh]$ scp ~/.ssh/id_rsa.pub oracle@10.10.17.3:/oracle/
oracle@10.10.17.3's password: 
id_rsa.pub                                                         100%  393     0.4KB/s   00:00   

登陆10.10.17.3执行
[oracle@june3 ~]$ cat ~/id_rsa.pub >>.ssh/authorized_keys 

[oracle@june2 ~]$ ssh 10.10.17.3
Last login: Sun Jul  6 09:14:54 2014 from 10.10.17.1
[oracle@june3 ~]$ 

那么june3 ssh june2呢?
[oracle@june3 ~]$ ssh 10.10.17.2
The authenticity of host '10.10.17.2 (10.10.17.2)' can't be established.
RSA key fingerprint is 1f:6c:5f:a9:fb:cc:0e:a7:e8:68:a3:d7:96:af:3b:e7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.10.17.2' (RSA) to the list of known hosts.
oracle@10.10.17.2's password: 

这是不可以的

注意事项:
1.如果[oracle@june3 ~]$ ls -ltr .ssh/authorized_keys 
-rwxrwxrwx 1 oracle dba 393 07-06 09:12 .ssh/authorized_keys
权限不对  则报错
chmod 644 ~/.ssh/authorized_keys

2.用户家目录权限问题:
不能为775


3.修改密码对ssh 等效性无影响



    
                                    

    
    
          
    • 

          
  • 

            相关阅读:
    
            
              CTF_论剑场-web26
                
    Bugku-never give up
                
    Bugku-你必须让他停下来
                
    Bugku-域名解析
                
    bugku-web3
                
    请允许我成为你的夏季——shiro、jdbcInsertall
                
    HTTP请求/响应报文结构
                
    SQL常用命令
                
    dialogs打开对话框选定文件夹,getopenfilename获取文件名
                
    fso文件夹操作用法实操
                
                    
          
    • 
          
  • 
            原文地址:https://www.cnblogs.com/hzcya1995/p/13352258.html
          
    • 

        

      



      
      

        

        

      

    

  


  

  
Copyright © 2020-2023 
  润新知