学习、工作和狗粮

SSH免密登录

2018/01/26 Share

参考

免密码登陆和远程拷贝

生成 ssh key

  • 客户机:

    • 客户端生成公私🔑
    • 将公钥部署到远程服务器
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# mac & ubuntu 使用相同命令
jiiiiiin@jiiiiiins-MacBook-Pro  ~/Documents/Vagrant/Ubuntu/xenial64 ssh-keygen ts
Generating public/private rsa key pair.
# 直接回车
Enter file in which to save the key (/Users/jiiiiiin/.ssh/id_rsa):
Created directory '/Users/jiiiiiin/.ssh'.
# 直接回车, 如果设置了密匙的密码,那么每次授权还要输入此密码,安全考虑也可以输入,取舍在己
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/jiiiiiin/.ssh/id_rsa.
Your public key has been saved in /Users/jiiiiiin/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:t3c4jzFvjutIJUSbVHGEgD8V8kTzKxxh0TtW+N8qA+Y jiiiiiin@jiiiiiins-MacBook-Pro.local
The key's randomart image is:
+---[RSA 2048]----+
| .=+@Bo. |
| .o Bo=o .|
| .+.o .+ |
| .o. .+..|
| S o.+...o|
| .o+ o o|
| oo.* .. |
| .EooXo |
| ..=*+ |
+----[SHA256]-----+
jiiiiiin@jiiiiiins-MacBook-Pro  ~/Documents/Vagrant/Ubuntu/xenial64

# 查看
jiiiiiin@jiiiiiins-MacBook-Pro  ~/Documents/Vagrant/Ubuntu/xenial64ll -al ~/|grep ".ssh*"
drwx------ 4 jiiiiiin staff 128B 1 21 22:01 .ssh
jiiiiiin@jiiiiiins-MacBook-Pro  ~/Documents/Vagrant/Ubuntu/xenial64ll ~/.ssh/
total 16
# 私钥
-rw------- 1 jiiiiiin staff 1.6K 1 21 22:01 id_rsa
# 公钥
-rw-r--r-- 1 jiiiiiin staff 418B 1 21 22:01 id_rsa.pub

部署客户机公钥到远程服务器

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# 拷贝客户机公钥内容
ssh-rsa mdwdB3NzaC1yc2EAAAADAQABAAABAQC5EkPnpXUPhWWQzlALNeU/sBhv/VcoUiODVJkDDRX72UGOqm+W+CB0eSyIeMEkUDp2A4jnF5ZcuB6Yn4QnEeZTwp0kV1c8zNh+G++Mtd0+umFcssrF2w7IxelWbysSGeZE20zbvqbKmI8VRRkLXdVMaigvulMVjbNSKiCe8rsd7F4CgjGUXG1pWtlu8HHxz9PU+P88rIEiOC3Z2X5+GVFNH5q+5VmpUf7q727WnDDxNRlifd5jD91X3S041D6dyFPn04k66j2w5gCnBlPRmQxs/rRMz4FTA6HCkGMqSRnnX55smg8ctgAQi4QbTY6pd6FUzwENusmC09CdlrRgb/MD xxx@qq.net

# 登录到远程服务器
jiiiiiin@jiiiiiins-MacBook-Pro  ~/Documents/Vagrant/Ubuntu/xenial64  csiiweb
root@ip's password:
Last login: Sun Jan 21 12:34:32 2018 from 183.225.26.131

Welcome to Alibaba Cloud Elastic Compute Service !

[root@iZwz9ghjvyrda5i4t8nl04Z ~]# whoami
root
[root@iZwz9ghjvyrda5i4t8nl04Z ~]# pwd
/root

# 在用户家目录创建 .ssh目录
[root@iZwz9ghjvyrda5i4t8nl04Z ~]# mkdir .ssh
mkdir: 无法创建目录".ssh": 文件已存在

# 创建一下文件
[root@iZwz9ghjvyrda5i4t8nl04Z ~]# ll .ssh
总用量 0
-rw------- 1 root root 0 12月 27 11:30 authorized_keys

# 将客户机公钥编辑到其中
[root@iZwz9ghjvyrda5i4t8nl04Z ~]# vim .ssh/authorized_keys
[root@iZwz9ghjvyrda5i4t8nl04Z ~]#

# 好,这样,我们开发机器的一个“信物”就在服务器上保存好了,这样就可以实现免密码登录了。来试试吧。


# 回到客户机测试:
jiiiiiin@jiiiiiins-MacBook-Pro  ~/Documents/Vagrant/Ubuntu/xenial64csiiweb
Enter passphrase for key '/Users/jiiiiiin/.ssh/id_rsa':
Last login: Sun Jan 21 22:12:56 2018 from 183.225.26.131

Welcome to Alibaba Cloud Elastic Compute Service !

[root@iZwz9ghjvyrda5i4t8nl04Z ~]#
CATALOG
  1. 1. 参考
  2. 2. 生成 ssh key
  3. 3. 部署客户机公钥到远程服务器