linux——ssh远程访问,密钥的生成以及公钥的使用,上传与下载
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了linux——ssh远程访问,密钥的生成以及公钥的使用,上传与下载相关的知识,希望对你有一定的参考价值。
1.说明密钥认证的过程
连接ssh服务——ssh-keygen生成密钥(公钥,私钥)——ssh-copy-id 将公钥传输至远程服务器——访问远程服务端——scp跨主机上传以及复制下载
我方用户创建密钥后,将公钥传输给对方用户,对方将信任我方,我方可免密码访问
2.手动配置密钥认证登陆
//连接ssh
[[email protected] ~]# ssh [email protected] //1号ssh登入2号(也可2号直接生成密钥)
The authenticity of host ‘192.168.56.13 (192.168.56.13)‘ can‘t be established.
ECDSA key fingerprint is SHA256:mew0e7pEB0HDYWtnCCYbYopmwO7dYS7T7oySpZ+cfqg.
ECDSA key fingerprint is MD5:59:75:45:71:cd:34:a2:d3:df:5e:fc:cb:16:9a:04:53.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.56.13‘ (ECDSA) to the list of known hosts.
[email protected]‘s password:
Last login: Mon Jul 30 15:05:55 2018 from 192.168.56.1//生成密钥
[[email protected] ~]# ssh-keygen -t rsa //生成密钥
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory ‘/root/.ssh‘.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:iEujOIJR4THdKHLM5L1XD6aUYF2rKxwPKPgFMyPCaEc [email protected]
The key‘s randomart image is:
+---[RSA 2048]----+
| +=Eo+ .. |
|+o**o.o. . |
|+=Oo. o = |
|+o.* + * o |
|+ . O = S . |
|.= = B . |
|= o + o |
|.. . |
| |
+----[SHA256]-----+
[[email protected] ~]# ls .ssh/ //查看隐藏中的ssh
id_rsa id_rsa.pub//ssh-copy-id 将公钥传输至需访问的客户端
[[email protected] ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected] //将在登入2号创建的公钥传输至1号
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host ‘192.168.56.11 (192.168.56.11)‘ can‘t be established.
ECDSA key fingerprint is SHA256:mFtHEvI1K3YUxeD7NAkROmKmlWRdR1iNOxgUI4lLFhM.
ECDSA key fingerprint is MD5:37:2c:a4:4c:e6:25:20:21:e4:07:e4:87:50:cc:69:05.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]‘s password:
Permission denied, please try again.
[email protected]‘s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh ‘[email protected]‘"
and check to make sure that only the key(s) you wanted were added.
[[email protected] ~]# exit //登出2号
[[email protected] ~]# ssh [email protected] //返回1号
[email protected]‘s password:
Last login: Mon Jul 30 14:52:50 2018 from 192.168.56.1
[[email protected] ~]# ls -a //公钥已到达
. .bash_history .cache .esd_auth .redhat .test.sh.swp 模板 下载
.. .bash_logout .config .ICEauthority .ssh .viminfo 视频 音乐
123 .bash_profile .cshrc initial-setup-ks.cfg .tcshrc .xauthS1SUwn 图片 桌面
anaconda-ks.cfg .bashrc .dbus .local test.sh 公共 文档
[[email protected] ~]# ssh [email protected] //2号访问1号
Last login: Mon Jul 30 16:12:37 2018 from 192.168.56.11 //无需密码现在2号将公钥传输给1号,所以2号访问1号无需密码,但1号访问2号依然需要密码
这时,1号需要创建密钥,然后把公钥传输至2号即可免密码登陆2号了
scp跨主机上传以及复制
当前仅演示2号
传送演示
[[email protected] ~]# scp 123123.sh [email protected]:/ //使用scp命令传送至根目录下
123123.sh 100% 0 0.0KB/s 00:00
[[email protected] ~]# ls /
123123.sh boot etc lib media opt root sbin sys tmp var
bin dev home lib64 mnt proc run srv test.sh usr下载演示
[[email protected] ~]# ls /root //查看1号root目录
123 anaconda-ks.cfg initial-setup-ks.cfg test.sh 公共 模板 视频 图片 文档 下载 音乐 桌面
[[email protected] ~]# scp [email protected]:/root/test.sh . //2号将1号目录下的root目录下的test.sh复制到2号当前目录下,与传输不同,文件及路径在ip后方
test.sh 100% 505 220.2KB/s 00:00 以上是关于linux——ssh远程访问,密钥的生成以及公钥的使用,上传与下载的主要内容,如果未能解决你的问题,请参考以下文章