zoukankan      html  css  js  c++  java
  • 密钥对验证

    一:客户端创建密钥对 (要区别用户身份)

    [root@localhost ~]# ssh-keygen -t ecdsa     //客户端生成密钥对文件
    Generating public/private ecdsa key pair.
    Enter file in which to save the key (/root/.ssh/id_ecdsa):
    Created directory '/root/.ssh'.
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /root/.ssh/id_ecdsa.
    Your public key has been saved in /root/.ssh/id_ecdsa.pub.
    The key fingerprint is:
    SHA256:ue0QGApV4tdcxexIunKELc150V8+iiCwyKWORpESdBM root@localhost.localdomain
    The key's randomart image is:
    +---[ECDSA 256]---+
    |oo.E+..   .=.    |
    |.o.o.+ o .o +   .|
    |. + = ==o+ + . o |
    | . = +o+Boo . ...|
    |. o . .oSo. . . .|
    | o .  . o+ . .   |
    |.      oo .      |
    |         o       |
    |          .      |
    +----[SHA256]-----+
    [root@localhost ~]# ls .ssh            查看密钥对文件
    id_ecdsa  id_ecdsa.pub

    二:将公钥上传至服务器端(SSH端)

    [root@localhost ~]# ls .ssh
    id_ecdsa  id_ecdsa.pub
    [root@localhost ~]# scp .ssh/id_ecdsa.pub   192.168.200.132:/tmp        把公钥上传至服务器端
    The authenticity of host '192.168.200.132 (192.168.200.132)' can't be established.
    ECDSA key fingerprint is SHA256:rE9trM2ngfsoCTwVTR56sDvUGduuvS66nukGp7nAkLU.
    ECDSA key fingerprint is MD5:34:32:03:b3:a0:2a:58:fc:2b:16:32:ad:3b:f9:76:e2.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '192.168.200.132' (ECDSA) to the list of known hosts.
    root@192.168.200.132's password:            //密码为服务器端的密码
    id_ecdsa.pub                                          100%  188   100.9KB/s   00:00 

    三:服务端将公钥信息导入用户的公钥数据库文件(也要区别用户身份)

    [root@localhost ~]# cat /tmp/id_ecdsa.pub              
    ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOki4ZCTlteMiIM0uNRSGOHOo56ABwv1+kJHVgMVANzvoib3D3ho0EQUcjpA6ywK2ParBqUplTbdjYjwx5wABVM= root@localhost.localdomain
    [root@localhost ~]# mkdir .ssh

    [root@localhost ~]# ll -d .ssh            
    drwx------. 2 root root 25 8月  19 16:31 .ssh
    [root@localhost ~]# chmod 700 .ssh    (权限要跟客户端.ssh的权限一样,为700)

    [root@localhost ~]# cat /tmp/id_ecdsa.pub >> .ssh/authorized_keys

    四客户端验证

    [root@localhost ~]# ssh 192.168.200.132
    Last login: Mon Aug 19 16:30:35 2019 from 192.168.200.100

    二,三可以合在一起

    [root@localhost ~]# ssh-copy-id -i .ssh/id_ecdsa.pub  192.168.200.132
    /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_ecdsa.pub"
    /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
    /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
    root@192.168.200.132's password:
    Number of key(s) added: 1
    Now try logging into the machine, with:   "ssh '192.168.200.132'"
    and check to make sure that only the key(s) you wanted were added.
    [root@localhost ~]# ssh 192.168.200.132
    Last login: Mon Aug 19 17:18:12 2019 from 192.168.200.130
    [root@localhost ~]#

    完整命令: ssh-copy-id   -i  /home/zhangsan/.ssh/id_rea.pub   amber@192.168.200.111  

  • 相关阅读:
    成为java程序员的学习过程
    解决自动添加局域网内打印机的问题
    通过主机标头实现多个SharePoint Web应用程序共用一个端口
    MSDN教学短片WPF 3(WPF的图形透明效果)
    MSDN 教学短片 WPF 14(2D动画之—Trigger)
    MSDN 教程短片 WPF 8(WPF样式与资源)
    MSDN 教学短片WPF 5(Linear/RadialGradientBrush)
    MSDN 教学短片 WPF 12(画布)
    MSDN 教学短片WPF 4(笔刷)
    MSDN 教程短片 WPF 17(简单播放器的制作)
  • 原文地址:https://www.cnblogs.com/wrwrwrwr/p/11378355.html
Copyright © 2011-2022 走看看