【SSH 公钥登录】学习笔记
这里就只简单的记下ssh公钥登录的过程,原理可以参见阮一峰ssh原理与应用(一):远程登录,本文有参考其文章实现,并在文末也给了ssh连接github的教程
ssh-keygen产生公钥私钥对
> ssh-keygen -t rsa -b 4096 -C "cimeay@gmail.com"
出现以下提示
Generating public/private rsa key pair.
如果需要口令的话,就输口令,如果嫌麻烦的话,以下每一步直接留空,按 enter 就可以了
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
成功了之后提示信息如下
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ee:31:6e:bb:76:a9:c5:77:67:d3:1e:8a:d4:b3:ac:b6 cimeay@gmail.com
ls命令查看是否生成了公钥私钥
> ls ~/.ssh/
id_rsa id_rsa.pub
目前,对于SSH的应用,也是用在两方面,一个是远程服务器的管理,一个是项目的管理(托管在github,还有bitbucket)
ssh 应用
远程登录服务器
以下服务器ip基于保密原则,不完全显示,请替换成自己的服务器ip实验
> ssh-copy-id root@xxx.55.0.xx
会出现以下提示,大概就是提示主机并不可信,提示是否要继续操作
The authenticity of host 'xxx.55.0.xx (xxx.55.0.xx)' can't be established.
ECDSA key fingerprint is e4:ba:cf:16:ca:3a:ce:6c:87:9b:91:97:b6:6a:a2:25.
Are you sure you want to continue connecting (yes/no)?
输入yes,按下回车,用户的公钥就添加到了远程主机上
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@xxx.55.0.xx's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@xxx.55.0.xx'"
做完前面的操作后,可以ssh试一下
> ssh root@xxx.55.0.xx
如果能登陆到服务器就意味着成功了
起个别名
每次都要输入 ssh root@xxx.55.0.xx 是很麻烦的,所以可以考虑指定别名
> alias server_name='ssh root@xxx.55.0.xx'
如果想要别名在关掉shell窗口后,下次打开还生效的话,可以考虑把别名配置写到自己用户目录下的 .bashrc 或者 .zshrc 文件 , 我是用zsh的,所以就编辑zshrc文件啦。
- 1 打开文件 .zshrc
> vim ~/.zshrc
- 2 在文件尾部加上,并保存
alias server_name='ssh root@xxx.55.0.xx'
- 3 让配置马上生效
> source ~/.zshrc
用SSH登陆 github
官方的教程蛮好的,直接推荐