本文主要是介绍openssh生成ed25519的密钥对并实现服务器间免密钥登录,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
本文讲解如何用openssh生成ed25519的密钥对并实现服务器间免密钥登录。
注意:所有操作均在客户机侧
一、生成 ED25519 密钥
用需要免密登录的用户(本例为username) 运行“ssh-keygen -t ed25519 -b 256”
[username@localhost ~]$ ssh-keygen -t ed25519 -b 256
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/username/.ssh/id_ed25519):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_ed25519
Your public key has been saved in /home/username/.ssh/id_ed25519.pub
The key fingerprint is:
SHA256:TxLFDN0ERV3qM7d0OfTXCylXHrXQilvZTymabIcYhTE username@localhost.localdomain
The key's randomart image is:
+--[ED25519 256]--+
| .E=*+o..o|
| o=.. ooo|
| . . . ==.|
| o . *=o*|
| S =.*+=*B|
| = Bo.o+B|
| o . o |
| |
| |
+----[SHA256]-----+
[username@localhost ~]$
一路回车,即可看到在当前用户家目录下生成了.ssh/id_ed25519的私钥和.ssh/id_ed25519.pub公钥文件
二、将公钥文件传给远端服务器对应帐号
使用 ssh-copy-id
命令来完成
[username@localhost ~]$ ssh-copy-id -i ~/.ssh/id_ed25519 -p4422 username@192.168.1.76
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/username/.ssh/id_ed25519.pub"
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
(username@192.168.1.76) Password: Number of key(s) added: 1Now try logging into the machine, with: "ssh -p 4422 'username@192.168.1.76'"
and check to make sure that only the key(s) you wanted were added.[username@localhost ~]$
三、测试验证
[username@localhost ~]$ ssh -p4422 username@192.168.1.75
Last login: Tue May 28 17:22:38 2024
Authorized users only. All activities may be monitored and reported.
[username@localhost ~]$
可以看到,现在已经不需要密码即可以登录了。
这篇关于openssh生成ed25519的密钥对并实现服务器间免密钥登录的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!