linux——ssh遠程訪問,密鑰的生成以及公鑰的使用,上傳與下載
阿新 • • 發佈:2018-07-30
ssp cal cati copy 手動 proc domain finger dsa 1.說明密鑰認證的過程
連接ssh服務——ssh-keygen生成密鑰(公鑰,私鑰)——ssh-copy-id 將公鑰傳輸至遠程服務器——訪問遠程服務端——scp跨主機上傳以及復制下載
連接ssh服務——ssh-keygen生成密鑰(公鑰,私鑰)——ssh-copy-id 將公鑰傳輸至遠程服務器——訪問遠程服務端——scp跨主機上傳以及復制下載
我方用戶創建密鑰後,將公鑰傳輸給對方用戶,對方將信任我方,我方可免密碼訪問
2.手動配置密鑰認證登陸
//連接ssh
[root@localhost ~]# ssh [email protected] //1號ssh登入2號(也可2號直接生成密鑰) The authenticity of host ‘192.168.56.13 (192.168.56.13)‘ can‘t be established. ECDSA key fingerprint is SHA256:mew0e7pEB0HDYWtnCCYbYopmwO7dYS7T7oySpZ+cfqg. ECDSA key fingerprint is MD5:59:75:45:71:cd:34:a2:d3:df:5e:fc:cb:16:9a:04:53. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘192.168.56.13‘ (ECDSA) to the list of known hosts. [email protected]‘s password: Last login: Mon Jul 30 15:05:55 2018 from 192.168.56.1
//生成密鑰
[root@localhost ~]# ssh-keygen -t rsa //生成密鑰 Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory ‘/root/.ssh‘. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:iEujOIJR4THdKHLM5L1XD6aUYF2rKxwPKPgFMyPCaEc [email protected] The key‘s randomart image is: +---[RSA 2048]----+ | +=Eo+ .. | |+o**o.o. . | |+=Oo. o = | |+o.* + * o | |+ . O = S . | |.= = B . | |= o + o | |.. . | | | +----[SHA256]-----+ [root@localhost ~]# ls .ssh/ //查看隱藏中的ssh id_rsa id_rsa.pub
//ssh-copy-id 將公鑰傳輸至需訪問的客戶端
[root@localhost ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected] //將在登入2號創建的公鑰傳輸至1號 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host ‘192.168.56.11 (192.168.56.11)‘ can‘t be established. ECDSA key fingerprint is SHA256:mFtHEvI1K3YUxeD7NAkROmKmlWRdR1iNOxgUI4lLFhM. ECDSA key fingerprint is MD5:37:2c:a4:4c:e6:25:20:21:e4:07:e4:87:50:cc:69:05. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]‘s password: Permission denied, please try again. [email protected]‘s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh ‘[email protected]‘" and check to make sure that only the key(s) you wanted were added. [root@localhost ~]# exit //登出2號 [root@localhost ~]# ssh [email protected] //返回1號 [email protected]‘s password: Last login: Mon Jul 30 14:52:50 2018 from 192.168.56.1 [root@localhost ~]# ls -a //公鑰已到達 . .bash_history .cache .esd_auth .redhat .test.sh.swp 模板 下載 .. .bash_logout .config .ICEauthority .ssh .viminfo 視頻 音樂 123 .bash_profile .cshrc initial-setup-ks.cfg .tcshrc .xauthS1SUwn 圖片 桌面 anaconda-ks.cfg .bashrc .dbus .local test.sh 公共 文檔 [root@localhost ~]# ssh [email protected] //2號訪問1號 Last login: Mon Jul 30 16:12:37 2018 from 192.168.56.11 //無需密碼
現在2號將公鑰傳輸給1號,所以2號訪問1號無需密碼,但1號訪問2號依然需要密碼
這時,1號需要創建密鑰,然後把公鑰傳輸至2號即可免密碼登陸2號了
scp跨主機上傳以及復制
當前僅演示2號
傳送演示
[root@localhost ~]# scp 123123.sh [email protected]:/ //使用scp命令傳送至根目錄下
123123.sh 100% 0 0.0KB/s 00:00
[root@localhost ~]# ls /
123123.sh boot etc lib media opt root sbin sys tmp var
bin dev home lib64 mnt proc run srv test.sh usr下載演示
[root@localhost ~]# ls /root //查看1號root目錄
123 anaconda-ks.cfg initial-setup-ks.cfg test.sh 公共 模板 視頻 圖片 文檔 下載 音樂 桌面
[root@localhost ~]# scp [email protected]:/root/test.sh . //2號將1號目錄下的root目錄下的test.sh復制到2號當前目錄下,與傳輸不同,文件及路徑在ip後方
test.sh 100% 505 220.2KB/s 00:00 linux——ssh遠程訪問,密鑰的生成以及公鑰的使用,上傳與下載