远程连接的公私钥加密

环境,准备俩台主机

172.25.254.100 服务器

172.25.254.200 客户端

首先在客户端上面输入

交互型

复制代码
[root@server200 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):(保存密钥的文件名称,这里我现在直接选择默认,回车)
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):(密码)
Enter same passphrase again:(再输入一般密码)
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:zDC/MMgAp9vZolZebcoUPKzmvGN8raRFjS1dXItiHuc root@server200.timinglee.org
The key's randomart image is:
+---[RSA 3072]----+
|. .        .     |
| +  o   . o .    |
|. .  =o+ = .     |
| o =..@**        |
|. +++*oBSE       |
| .*.= +o .       |
|...+ =. .        |
|.  +=. .         |
|  .oo..          |
+----[SHA256]-----+
​

非交互型

复制代码
[root@server200 ~]# ssh-keygen -f /root/.ssh/id_rsa -P ""
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:5kMNq4lFfqfK1uqRtMnVhhT1U/evFWT0qvdpdgqsfe4 root@server200.timinglee.org
The key's randomart image is:
+---[RSA 3072]----+
|        ...   o+.|
|         . . .o.o|
|      . o   o  .o|
|     o . *   . .o|
|      + S =   . o|
|     = % + . . o |
|    . O.+   + o  |
|     ..o.. o o.+o|
|     o=.  . .+Eoo|
+----[SHA256]-----+
​

以上俩种任选

给服务器的root用户上锁

复制代码
[root@server200 ~]# cd /root/.ssh/
[root@server200 .ssh]# ls
id_rsa  id_rsa.pub
[root@server200 .ssh]#  ssh-copy-id -i id_rsa.pub root@172.25.254.100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_rsa.pub"
The authenticity of host '172.25.254.100 (172.25.254.100)' can't be established.
ED25519 key fingerprint is SHA256:KozacypCDmg9DYyvYj/i2vpMwHujpC5ehRpKS33a+Ws.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@172.25.254.100's password:
​
Number of key(s) added: 1
​
Now try logging into the machine, with:   "ssh 'root@172.25.254.100'"
and check to make sure that only the key(s) you wanted were added.
​

查看服务器生成的密钥

复制代码
[root@server100 .ssh]# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzhf9QdXqUcI7HZxqe6hEzpq/SlEPqutvwtpoko+ENN/UlOb2d2b307BRkr+aKdiQVqJy2QgFm77DosYskehVNAfyiv0UmCUMdkbJfN/j1W+JzLzDlNnPaisyTMCkz6IOHZyS9IigUBnqE9gVuyaCxzc3bHGCI2mLAStkyE5bP5qkWb59P/BHvu4+bT9gOXyKLmDthOPRpB8YqLxjXYyBCwCfG280aDwi055/JBVGdOAfsz29hkFmgFSrtB12LNoSIcsr07CZ0wquYYP7XapLXEnSSjPT0k/ccwVpoyX0aEOFPWsss3WcT/7S6JP+tOJbrds4TKFhXq7gJZSBzeQ7+mwOgQC4GH4EfiCm64LqpT/yRfPWOvtenie4G/JdpVXlJWGkTHkgjViOISCqVhQRMzlXm+IVZTTd5/Prre/YW+xKZnslS0LyAHLhcvkC/ktW3XtLUr9l/UYE/w7SBNgl3ifQNf+VtIqepNA24Qp2Gk3rg6k2NW4SwybpO0AM/td0= root@server200.timinglee.org

查看客户端的公钥

复制代码
[root@server200 .ssh]# cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzhf9QdXqUcI7HZxqe6hEzpq/SlEPqutvwtpoko+ENN/UlOb2d2b307BRkr+aKdiQVqJy2QgFm77DosYskehVNAfyiv0UmCUMdkbJfN/j1W+JzLzDlNnPaisyTMCkz6IOHZyS9IigUBnqE9gVuyaCxzc3bHGCI2mLAStkyE5bP5qkWb59P/BHvu4+bT9gOXyKLmDthOPRpB8YqLxjXYyBCwCfG280aDwi055/JBVGdOAfsz29hkFmgFSrtB12LNoSIcsr07CZ0wquYYP7XapLXEnSSjPT0k/ccwVpoyX0aEOFPWsss3WcT/7S6JP+tOJbrds4TKFhXq7gJZSBzeQ7+mwOgQC4GH4EfiCm64LqpT/yRfPWOvtenie4G/JdpVXlJWGkTHkgjViOISCqVhQRMzlXm+IVZTTd5/Prre/YW+xKZnslS0LyAHLhcvkC/ktW3XtLUr9l/UYE/w7SBNgl3ifQNf+VtIqepNA24Qp2Gk3rg6k2NW4SwybpO0AM/td0= root@server200.timinglee.org

进行登录验证

复制代码
[root@server200 .ssh]# ssh -l root 172.25.254.100
Activate the web console with: systemctl enable --now cockpit.socket
​
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
Last login: Wed May 21 14:06:36 2025 from 172.25.254.200
相关推荐
eggcode19 小时前
Linux命令基础与操作技巧
linux
二宝哥20 小时前
VMware Workstation 实战:CentOS 7.9 安装、桥接网络配置与克隆管理详解
linux·centos·vmware
AutumnWind042021 小时前
【4种打开Ubuntu(WSL)的方法】
linux·ubuntu
辞旧 lekkk21 小时前
【Qt系统相关】鼠标事件
linux·开发语言·qt·学习·计算机外设·萌新
是摆烂第一名呀1 天前
【rk3506】U-Boot串口时钟未配置,导致串口彻底失效
linux·arm开发·驱动开发·嵌入式硬件
我叫洋洋1 天前
VMware Workstation 16 桥接网络修复记录
linux·嵌入式硬件
liang89991 天前
Anconda常用命令
linux·人工智能·conda
无足鸟ICT1 天前
【RHCA+】管道符
linux·运维·服务器
老约家的可汗1 天前
Linux的库制作和原理
linux·运维·服务器
非鱼䲆鱻䲜1 天前
CCS 20.5.0的printf重定向串口怎么实现?
linux·单片机·电赛·ccs