远程连接的公私钥加密

苒苒鸭2025-05-22 9:26

环境,准备俩台主机

172.25.254.100 服务器

172.25.254.200 客户端

首先在客户端上面输入

交互型

复制代码 
[root@server200 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):(保存密钥的文件名称,这里我现在直接选择默认,回车)
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):(密码)
Enter same passphrase again:(再输入一般密码)
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:zDC/MMgAp9vZolZebcoUPKzmvGN8raRFjS1dXItiHuc root@server200.timinglee.org
The key's randomart image is:
+---[RSA 3072]----+
|. .        .     |
| +  o   . o .    |
|. .  =o+ = .     |
| o =..@**        |
|. +++*oBSE       |
| .*.= +o .       |
|...+ =. .        |
|.  +=. .         |
|  .oo..          |
+----[SHA256]-----+
​

非交互型

复制代码 
[root@server200 ~]# ssh-keygen -f /root/.ssh/id_rsa -P ""
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:5kMNq4lFfqfK1uqRtMnVhhT1U/evFWT0qvdpdgqsfe4 root@server200.timinglee.org
The key's randomart image is:
+---[RSA 3072]----+
|        ...   o+.|
|         . . .o.o|
|      . o   o  .o|
|     o . *   . .o|
|      + S =   . o|
|     = % + . . o |
|    . O.+   + o  |
|     ..o.. o o.+o|
|     o=.  . .+Eoo|
+----[SHA256]-----+
​

以上俩种任选

给服务器的root用户上锁

复制代码 
[root@server200 ~]# cd /root/.ssh/
[root@server200 .ssh]# ls
id_rsa  id_rsa.pub
[root@server200 .ssh]#  ssh-copy-id -i id_rsa.pub root@172.25.254.100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_rsa.pub"
The authenticity of host '172.25.254.100 (172.25.254.100)' can't be established.
ED25519 key fingerprint is SHA256:KozacypCDmg9DYyvYj/i2vpMwHujpC5ehRpKS33a+Ws.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@172.25.254.100's password:
​
Number of key(s) added: 1
​
Now try logging into the machine, with:   "ssh 'root@172.25.254.100'"
and check to make sure that only the key(s) you wanted were added.
​

查看服务器生成的密钥

复制代码 
[root@server100 .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzhf9QdXqUcI7HZxqe6hEzpq/SlEPqutvwtpoko+ENN/UlOb2d2b307BRkr+aKdiQVqJy2QgFm77DosYskehVNAfyiv0UmCUMdkbJfN/j1W+JzLzDlNnPaisyTMCkz6IOHZyS9IigUBnqE9gVuyaCxzc3bHGCI2mLAStkyE5bP5qkWb59P/BHvu4+bT9gOXyKLmDthOPRpB8YqLxjXYyBCwCfG280aDwi055/JBVGdOAfsz29hkFmgFSrtB12LNoSIcsr07CZ0wquYYP7XapLXEnSSjPT0k/ccwVpoyX0aEOFPWsss3WcT/7S6JP+tOJbrds4TKFhXq7gJZSBzeQ7+mwOgQC4GH4EfiCm64LqpT/yRfPWOvtenie4G/JdpVXlJWGkTHkgjViOISCqVhQRMzlXm+IVZTTd5/Prre/YW+xKZnslS0LyAHLhcvkC/ktW3XtLUr9l/UYE/w7SBNgl3ifQNf+VtIqepNA24Qp2Gk3rg6k2NW4SwybpO0AM/td0= root@server200.timinglee.org

查看客户端的公钥

复制代码 
[root@server200 .ssh]# cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzhf9QdXqUcI7HZxqe6hEzpq/SlEPqutvwtpoko+ENN/UlOb2d2b307BRkr+aKdiQVqJy2QgFm77DosYskehVNAfyiv0UmCUMdkbJfN/j1W+JzLzDlNnPaisyTMCkz6IOHZyS9IigUBnqE9gVuyaCxzc3bHGCI2mLAStkyE5bP5qkWb59P/BHvu4+bT9gOXyKLmDthOPRpB8YqLxjXYyBCwCfG280aDwi055/JBVGdOAfsz29hkFmgFSrtB12LNoSIcsr07CZ0wquYYP7XapLXEnSSjPT0k/ccwVpoyX0aEOFPWsss3WcT/7S6JP+tOJbrds4TKFhXq7gJZSBzeQ7+mwOgQC4GH4EfiCm64LqpT/yRfPWOvtenie4G/JdpVXlJWGkTHkgjViOISCqVhQRMzlXm+IVZTTd5/Prre/YW+xKZnslS0LyAHLhcvkC/ktW3XtLUr9l/UYE/w7SBNgl3ifQNf+VtIqepNA24Qp2Gk3rg6k2NW4SwybpO0AM/td0= root@server200.timinglee.org

进行登录验证

复制代码 
[root@server200 .ssh]# ssh -l root 172.25.254.100
Activate the web console with: systemctl enable --now cockpit.socket
​
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Wed May 21 14:06:36 2025 from 172.25.254.200
相关推荐
帅大大的架构之路2 分钟前
linux上面的一些小知识点
linux·运维·服务器
光电笑映6 分钟前
进程间通信:深入 System V IPC:共享内存、消息队列与信号量
linux·运维·服务器·c++
RisunJan7 分钟前
Linux命令-patch (为开放源代码软件安装补丁程序)
linux·服务器·算法
皆圥忈20 分钟前
_Linux文件系统与磁盘结构深度解析
linux
向日葵.23 分钟前
linux & qnx & git 命令 2
linux·运维·git
丑过三八线23 分钟前
Systemd Cgroup 驱动详解
linux·ubuntu·容器
‎ദ്ദിᵔ.˛.ᵔ₎24 分钟前
linux的vim编辑器
linux
用户8055336980333 分钟前
嵌入式Linux开发——烧写你的镜像:存储介质基础 - 先分清 SD、eMMC 和块设备
linux·嵌入式
Android系统攻城狮38 分钟前
Linux Pulseaudio深度解析之pa_context_set_sink_mute_by_index用流程与实战(四十七)
linux·运维·服务器·音频进阶·pulseaudio进阶
木白CPP1 小时前
aarch64-linux-gnu* (gcc,ld,objcopy,objdump)工具总结
linux·运维·gnu
热门推荐
01【AI】2026 年具身智能模型和世界模型总结02GitHub 镜像站点032026 年 AI 编程工具终极横评:Cursor vs Claude Code vs Copilot vs Windsurf04Codex 下载安装指南:Windows 和 macOS 官方版下载052026 AI 编程工具终极实战指南:Cursor vs Claude Code vs Copilot,开发者该怎么选?06AI科技热点日报 | 2026年6月1日07【踩坑记录 | 第一篇】微软商店无法使用时,如何手动安装 OpenAI Codex?附`.msix`文件系统错误解决方法08《置身钉内》原文-可播放阅读09CC-Switch 下载、安装与使用配置指南【2026.5.29】10Agnes AI 全模态 API 免费实测报告:文生图 + 文生视频完整测试