远程连接的公私钥加密

苒苒鸭2025-05-22 9:26

环境,准备俩台主机

172.25.254.100 服务器

172.25.254.200 客户端

首先在客户端上面输入

交互型

复制代码 
[root@server200 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):(保存密钥的文件名称,这里我现在直接选择默认,回车)
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):(密码)
Enter same passphrase again:(再输入一般密码)
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:zDC/MMgAp9vZolZebcoUPKzmvGN8raRFjS1dXItiHuc root@server200.timinglee.org
The key's randomart image is:
+---[RSA 3072]----+
|. .        .     |
| +  o   . o .    |
|. .  =o+ = .     |
| o =..@**        |
|. +++*oBSE       |
| .*.= +o .       |
|...+ =. .        |
|.  +=. .         |
|  .oo..          |
+----[SHA256]-----+
​

非交互型

复制代码 
[root@server200 ~]# ssh-keygen -f /root/.ssh/id_rsa -P ""
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:5kMNq4lFfqfK1uqRtMnVhhT1U/evFWT0qvdpdgqsfe4 root@server200.timinglee.org
The key's randomart image is:
+---[RSA 3072]----+
|        ...   o+.|
|         . . .o.o|
|      . o   o  .o|
|     o . *   . .o|
|      + S =   . o|
|     = % + . . o |
|    . O.+   + o  |
|     ..o.. o o.+o|
|     o=.  . .+Eoo|
+----[SHA256]-----+
​

以上俩种任选

给服务器的root用户上锁

复制代码 
[root@server200 ~]# cd /root/.ssh/
[root@server200 .ssh]# ls
id_rsa  id_rsa.pub
[root@server200 .ssh]#  ssh-copy-id -i id_rsa.pub root@172.25.254.100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_rsa.pub"
The authenticity of host '172.25.254.100 (172.25.254.100)' can't be established.
ED25519 key fingerprint is SHA256:KozacypCDmg9DYyvYj/i2vpMwHujpC5ehRpKS33a+Ws.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@172.25.254.100's password:
​
Number of key(s) added: 1
​
Now try logging into the machine, with:   "ssh 'root@172.25.254.100'"
and check to make sure that only the key(s) you wanted were added.
​

查看服务器生成的密钥

复制代码 
[root@server100 .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzhf9QdXqUcI7HZxqe6hEzpq/SlEPqutvwtpoko+ENN/UlOb2d2b307BRkr+aKdiQVqJy2QgFm77DosYskehVNAfyiv0UmCUMdkbJfN/j1W+JzLzDlNnPaisyTMCkz6IOHZyS9IigUBnqE9gVuyaCxzc3bHGCI2mLAStkyE5bP5qkWb59P/BHvu4+bT9gOXyKLmDthOPRpB8YqLxjXYyBCwCfG280aDwi055/JBVGdOAfsz29hkFmgFSrtB12LNoSIcsr07CZ0wquYYP7XapLXEnSSjPT0k/ccwVpoyX0aEOFPWsss3WcT/7S6JP+tOJbrds4TKFhXq7gJZSBzeQ7+mwOgQC4GH4EfiCm64LqpT/yRfPWOvtenie4G/JdpVXlJWGkTHkgjViOISCqVhQRMzlXm+IVZTTd5/Prre/YW+xKZnslS0LyAHLhcvkC/ktW3XtLUr9l/UYE/w7SBNgl3ifQNf+VtIqepNA24Qp2Gk3rg6k2NW4SwybpO0AM/td0= root@server200.timinglee.org

查看客户端的公钥

复制代码 
[root@server200 .ssh]# cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzhf9QdXqUcI7HZxqe6hEzpq/SlEPqutvwtpoko+ENN/UlOb2d2b307BRkr+aKdiQVqJy2QgFm77DosYskehVNAfyiv0UmCUMdkbJfN/j1W+JzLzDlNnPaisyTMCkz6IOHZyS9IigUBnqE9gVuyaCxzc3bHGCI2mLAStkyE5bP5qkWb59P/BHvu4+bT9gOXyKLmDthOPRpB8YqLxjXYyBCwCfG280aDwi055/JBVGdOAfsz29hkFmgFSrtB12LNoSIcsr07CZ0wquYYP7XapLXEnSSjPT0k/ccwVpoyX0aEOFPWsss3WcT/7S6JP+tOJbrds4TKFhXq7gJZSBzeQ7+mwOgQC4GH4EfiCm64LqpT/yRfPWOvtenie4G/JdpVXlJWGkTHkgjViOISCqVhQRMzlXm+IVZTTd5/Prre/YW+xKZnslS0LyAHLhcvkC/ktW3XtLUr9l/UYE/w7SBNgl3ifQNf+VtIqepNA24Qp2Gk3rg6k2NW4SwybpO0AM/td0= root@server200.timinglee.org

进行登录验证

复制代码 
[root@server200 .ssh]# ssh -l root 172.25.254.100
Activate the web console with: systemctl enable --now cockpit.socket
​
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Wed May 21 14:06:36 2025 from 172.25.254.200
相关推荐
chlk1231 天前
Linux文件权限完全图解:读懂 ls -l 和 chmod 755 背后的秘密
linux·操作系统
舒一笑1 天前
Ubuntu系统安装CodeX出现问题
linux·后端
改一下配置文件1 天前
Ubuntu24.04安装NVIDIA驱动完整指南(含Secure Boot解决方案)
linux
深紫色的三北六号1 天前
Linux 服务器磁盘扩容与目录迁移:rsync + bind mount 实现服务无感迁移(无需修改配置)
linux·扩容·服务迁移
SudosuBash2 天前
[CS:APP 3e] 关于对 第 12 章 读/写者的一点思考和题解 (作业 12.19,12.20,12.21)
linux·并发·操作系统(os)
哈基咪怎么可能是AI2 天前
为什么我就想要「线性历史 + Signed Commits」GitHub 却把我当猴耍 🤬🎙️
linux·github
十日十行3 天前
Linux和window共享文件夹
linux
木心月转码ing3 天前
WSL+Cpp开发环境配置
linux
崔小汤呀4 天前
最全的docker安装笔记,包含CentOS和Ubuntu
linux·后端
何中应4 天前
vi编辑器使用
linux·后端·操作系统
热门推荐
01GitHub 镜像站点02OpenClaw 使用和管理 MCP 完全指南03OpenClaw + 飞书(Feishu)环境搭建指南04【OpenClaw 本地实战 Ep.3】突破瓶颈:强制修改 openclaw.json 解锁 32k 上下文记忆05Claude Code + GLM4.7 避坑指南:解决 Unable to connect to Anthropic services06OpenClaw优化飞书API 额度已耗尽问题07Window 10部署openclaw报错node.exe : npm error code 12808Clawdbot部署教程:解决‘gateway token missing’授权问题的完整步骤09小黑课堂计算机二级WPSoffice题库软件下载安装教程(2026年3月最新版)10OpenClaw大龙虾机器人完整安装教程