zoukankan      html  css  js  c++  java
  • 密钥对验证

    一:客户端创建密钥对 (要区别用户身份)

    [root@localhost ~]# ssh-keygen -t ecdsa     //客户端生成密钥对文件
    Generating public/private ecdsa key pair.
    Enter file in which to save the key (/root/.ssh/id_ecdsa):
    Created directory '/root/.ssh'.
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /root/.ssh/id_ecdsa.
    Your public key has been saved in /root/.ssh/id_ecdsa.pub.
    The key fingerprint is:
    SHA256:ue0QGApV4tdcxexIunKELc150V8+iiCwyKWORpESdBM root@localhost.localdomain
    The key's randomart image is:
    +---[ECDSA 256]---+
    |oo.E+..   .=.    |
    |.o.o.+ o .o +   .|
    |. + = ==o+ + . o |
    | . = +o+Boo . ...|
    |. o . .oSo. . . .|
    | o .  . o+ . .   |
    |.      oo .      |
    |         o       |
    |          .      |
    +----[SHA256]-----+
    [root@localhost ~]# ls .ssh            查看密钥对文件
    id_ecdsa  id_ecdsa.pub

    二:将公钥上传至服务器端(SSH端)

    [root@localhost ~]# ls .ssh
    id_ecdsa  id_ecdsa.pub
    [root@localhost ~]# scp .ssh/id_ecdsa.pub   192.168.200.132:/tmp        把公钥上传至服务器端
    The authenticity of host '192.168.200.132 (192.168.200.132)' can't be established.
    ECDSA key fingerprint is SHA256:rE9trM2ngfsoCTwVTR56sDvUGduuvS66nukGp7nAkLU.
    ECDSA key fingerprint is MD5:34:32:03:b3:a0:2a:58:fc:2b:16:32:ad:3b:f9:76:e2.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '192.168.200.132' (ECDSA) to the list of known hosts.
    root@192.168.200.132's password:            //密码为服务器端的密码
    id_ecdsa.pub                                          100%  188   100.9KB/s   00:00 

    三:服务端将公钥信息导入用户的公钥数据库文件(也要区别用户身份)

    [root@localhost ~]# cat /tmp/id_ecdsa.pub              
    ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOki4ZCTlteMiIM0uNRSGOHOo56ABwv1+kJHVgMVANzvoib3D3ho0EQUcjpA6ywK2ParBqUplTbdjYjwx5wABVM= root@localhost.localdomain
    [root@localhost ~]# mkdir .ssh

    [root@localhost ~]# ll -d .ssh            
    drwx------. 2 root root 25 8月  19 16:31 .ssh
    [root@localhost ~]# chmod 700 .ssh    (权限要跟客户端.ssh的权限一样,为700)

    [root@localhost ~]# cat /tmp/id_ecdsa.pub >> .ssh/authorized_keys

    四客户端验证

    [root@localhost ~]# ssh 192.168.200.132
    Last login: Mon Aug 19 16:30:35 2019 from 192.168.200.100

    二,三可以合在一起

    [root@localhost ~]# ssh-copy-id -i .ssh/id_ecdsa.pub  192.168.200.132
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_ecdsa.pub"
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@192.168.200.132's password:
    Number of key(s) added: 1
    Now try logging into the machine, with:   "ssh '192.168.200.132'"
    and check to make sure that only the key(s) you wanted were added.
    [root@localhost ~]# ssh 192.168.200.132
    Last login: Mon Aug 19 17:18:12 2019 from 192.168.200.130
    [root@localhost ~]#

    完整命令: ssh-copy-id   -i  /home/zhangsan/.ssh/id_rea.pub   amber@192.168.200.111  

  • 相关阅读:
    BZOJ 3205 [Apio2013]机器人 ——斯坦纳树
    BZOJ 3782 上学路线 ——动态规划 Lucas定理 中国剩余定理
    HDU 1423 Greatest Common Increasing Subsequence ——动态规划
    BZOJ 3309 DZY Loves Math ——莫比乌斯反演
    POJ 1038 Bugs Integrated, Inc. ——状压DP
    POJ 3693 Maximum repetition substring ——后缀数组
    POJ 2699 The Maximum Number of Strong Kings ——网络流
    POJ 2396 Budget ——有上下界的网络流
    BZOJ 4650 [Noi2016]优秀的拆分 ——后缀数组
    源码安装python
  • 原文地址:https://www.cnblogs.com/wrwrwrwr/p/11378355.html
Copyright © 2011-2022 走看看