远程连接的公私钥加密

苒苒鸭2025-05-22 9:26

环境,准备俩台主机

172.25.254.100 服务器

172.25.254.200 客户端

首先在客户端上面输入

交互型

复制代码 
[root@server200 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):(保存密钥的文件名称,这里我现在直接选择默认,回车)
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):(密码)
Enter same passphrase again:(再输入一般密码)
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:zDC/MMgAp9vZolZebcoUPKzmvGN8raRFjS1dXItiHuc root@server200.timinglee.org
The key's randomart image is:
+---[RSA 3072]----+
|. .        .     |
| +  o   . o .    |
|. .  =o+ = .     |
| o =..@**        |
|. +++*oBSE       |
| .*.= +o .       |
|...+ =. .        |
|.  +=. .         |
|  .oo..          |
+----[SHA256]-----+
​

非交互型

复制代码 
[root@server200 ~]# ssh-keygen -f /root/.ssh/id_rsa -P ""
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:5kMNq4lFfqfK1uqRtMnVhhT1U/evFWT0qvdpdgqsfe4 root@server200.timinglee.org
The key's randomart image is:
+---[RSA 3072]----+
|        ...   o+.|
|         . . .o.o|
|      . o   o  .o|
|     o . *   . .o|
|      + S =   . o|
|     = % + . . o |
|    . O.+   + o  |
|     ..o.. o o.+o|
|     o=.  . .+Eoo|
+----[SHA256]-----+
​

以上俩种任选

给服务器的root用户上锁

复制代码 
[root@server200 ~]# cd /root/.ssh/
[root@server200 .ssh]# ls
id_rsa  id_rsa.pub
[root@server200 .ssh]#  ssh-copy-id -i id_rsa.pub root@172.25.254.100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_rsa.pub"
The authenticity of host '172.25.254.100 (172.25.254.100)' can't be established.
ED25519 key fingerprint is SHA256:KozacypCDmg9DYyvYj/i2vpMwHujpC5ehRpKS33a+Ws.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@172.25.254.100's password:
​
Number of key(s) added: 1
​
Now try logging into the machine, with:   "ssh 'root@172.25.254.100'"
and check to make sure that only the key(s) you wanted were added.
​

查看服务器生成的密钥

复制代码 
[root@server100 .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzhf9QdXqUcI7HZxqe6hEzpq/SlEPqutvwtpoko+ENN/UlOb2d2b307BRkr+aKdiQVqJy2QgFm77DosYskehVNAfyiv0UmCUMdkbJfN/j1W+JzLzDlNnPaisyTMCkz6IOHZyS9IigUBnqE9gVuyaCxzc3bHGCI2mLAStkyE5bP5qkWb59P/BHvu4+bT9gOXyKLmDthOPRpB8YqLxjXYyBCwCfG280aDwi055/JBVGdOAfsz29hkFmgFSrtB12LNoSIcsr07CZ0wquYYP7XapLXEnSSjPT0k/ccwVpoyX0aEOFPWsss3WcT/7S6JP+tOJbrds4TKFhXq7gJZSBzeQ7+mwOgQC4GH4EfiCm64LqpT/yRfPWOvtenie4G/JdpVXlJWGkTHkgjViOISCqVhQRMzlXm+IVZTTd5/Prre/YW+xKZnslS0LyAHLhcvkC/ktW3XtLUr9l/UYE/w7SBNgl3ifQNf+VtIqepNA24Qp2Gk3rg6k2NW4SwybpO0AM/td0= root@server200.timinglee.org

查看客户端的公钥

复制代码 
[root@server200 .ssh]# cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzhf9QdXqUcI7HZxqe6hEzpq/SlEPqutvwtpoko+ENN/UlOb2d2b307BRkr+aKdiQVqJy2QgFm77DosYskehVNAfyiv0UmCUMdkbJfN/j1W+JzLzDlNnPaisyTMCkz6IOHZyS9IigUBnqE9gVuyaCxzc3bHGCI2mLAStkyE5bP5qkWb59P/BHvu4+bT9gOXyKLmDthOPRpB8YqLxjXYyBCwCfG280aDwi055/JBVGdOAfsz29hkFmgFSrtB12LNoSIcsr07CZ0wquYYP7XapLXEnSSjPT0k/ccwVpoyX0aEOFPWsss3WcT/7S6JP+tOJbrds4TKFhXq7gJZSBzeQ7+mwOgQC4GH4EfiCm64LqpT/yRfPWOvtenie4G/JdpVXlJWGkTHkgjViOISCqVhQRMzlXm+IVZTTd5/Prre/YW+xKZnslS0LyAHLhcvkC/ktW3XtLUr9l/UYE/w7SBNgl3ifQNf+VtIqepNA24Qp2Gk3rg6k2NW4SwybpO0AM/td0= root@server200.timinglee.org

进行登录验证

复制代码 
[root@server200 .ssh]# ssh -l root 172.25.254.100
Activate the web console with: systemctl enable --now cockpit.socket
​
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Wed May 21 14:06:36 2025 from 172.25.254.200
相关推荐
##echo38 分钟前
嵌入式Linux裸机开发笔记9(IMX6ULL)GPIO 中断实验(1)
linux·c语言·笔记·单片机·嵌入式硬件
Reggie_L1 小时前
RabbiteMQ安装-ubuntu
linux·ubuntu·ruby
AIGC_北苏1 小时前
让UV管理一切!!!
linux·人工智能·uv
YCY^v^3 小时前
centos 7 开启80,443端口,怎么弄?
linux·运维·centos
北南京海3 小时前
[Linux]进程地址空间
linux·运维·服务器
db_murphy5 小时前
Oracle数据块8KB、OS默认认块管理4KB,是否需调整大小为一致?
linux
mCell8 小时前
从删库到跑路?这50个Linux命令能保你职业生涯
linux·windows·macos
杰克逊的日记8 小时前
GPU运维常见问题处理
linux·运维·gpu
誰能久伴不乏10 小时前
Linux系统调用概述与实现:深入浅出的解析
linux·运维·服务器
程序员学习随笔10 小时前
Linux进程深度解析(2):fork/exec写时拷贝性能优化与exit资源回收机制(进程创建和销毁)
linux·运维·服务器
热门推荐
01Qwen3-Coder 快速上手教程 | Qwen Code + Claude Code02vue数据变化但页面不变03全球最强模型Grok4,国内已可免费使用!(附教程)04扣子开源本地部署教程 丨Coze智能体小白喂饭级指南05KGG转MP3工具|非KGM文件|解密音频06sqli-labs 靶场 less-8、9、10 第八关到第十关详解:布尔注入,时间注入07干翻 Typora!MilkUp:完全免费的桌面端 Markdown 编辑器!08Coze 开源了,送上保姆级私有化部署方案【建议收藏】09【2025.7.18】更新vscode后所有.vue文件template标签后报红的临时解决办法,Vue - Official 插件3.0.2导致1001-开源版COZE-字节 Coze Studio 重磅开源!保姆级本地安装教程,手把手带你体验