分类: LINUX
1. 密钥认证登陆 3
1.1 Linux的密钥登陆过程 3
2. known_hosts 4
2.1 密钥扫描 4
2.2 私钥产生公钥命令 5
3. 附录 6
3.1 SSHSecureShellClient密钥登陆 6
3.2 Putty密钥登陆 0
下面是密钥登陆的整个过程,包括一下几个方面:
u 1)密钥的产生
u 2)拷贝公钥到目标机
u 3)改写目标机authorized_keys文件
u 4)使用密钥登陆目标机
具体指令如下:
1)密钥的产生
[root@localhost .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): rsa_my
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in rsa_my.
Your public key has been saved in rsa_my.pub.
The key fingerprint is:
30:62:26:30:59:f1:33:aa:31:15:71:c1:91:2f:4d:46 [email protected]
[root@localhost .ssh]# ls
1 2.pub authorized_keys known_hosts rsa_my.pub
2 3.pub id_rsa_1.pub rsa_my
2)拷贝公钥到目标机
[root@localhost .ssh]# scp rsa_my.pub [email protected]:~/.ssh
[email protected]'s password:
rsa_my.pub 100% 408 0.4KB/s 00:00
[root@localhost .ssh]# ssh [email protected]
[email protected]'s password:
Last login: Wed Sep 29 10:36:11 2010 from 192.168.1.96
[root@localhost ~]# ls
anaconda-ks.cfg geng install.log.syslog
Desktop install.log sshd_config.bak
[root@localhost ~]# cd .ssh
[root@localhost .ssh]# ls
authorized_keys rsa_my.pub
3)改写目标机authorized_keys文件
[root@localhost .ssh]# cat rsa_my.pub >> authorized_keys
[root@localhost .ssh]# logout
Connection to 192.168.1.97 closed.
[root@localhost .ssh]# ssh [email protected]
[email protected]'s password:
4)使用密钥登陆目标机
[root@localhost .ssh]# ssh -i rsa_my [email protected]
Last login: Wed Sep 29 16:51:48 2010 from 192.168.1.96
[root@localhost ~]#
注:从上面的过程可以看出,密钥是跟目标机的登录用户成对应关系的
奇