Liunx

在 Linux 系统中,SSH 协议是一种常用的远程连接协议。使用 SSH 协议连接到远程主机时,可以使用公钥/私钥对进行身份验证,从而免去输入密码的步骤。

公钥/私钥对是一种加密方式,公钥可以被任何人获得,而私钥只有拥有者知道。当需要进行身份验证时,用户将自己的公钥发送给服务器端,在建立连接时服务器端会向客户端发送一个挑战,客户端使用自己的私钥对挑战进行签名并将签名发送给服务器端。服务器使用预先保存的公钥来验证签名的有效性,如果验证成功,则认为用户身份合法。

Puttygen —— 生成公钥与私钥

  1. 打开软件,点击 Generate 生成,鼠标需要在进度条内移动加速生成
  2. 来到需要被免密登录的服务器,创建 .ssh 文件夹,赋予读、写、执行的权限(700)
  3. 创建 authorized_keys 文件,实现用户无需输入密码即可进行远程登录
  4. 设置 authorized_keys 文件,赋予读写的权限(600)
  5. 将私钥保存到本地,使用 putty 软件进行免密连接
1
2
3
mkdir ~/.ssh && chmod 700 ~/.ssh
cd ~/.ssh
nano authorized_keys
1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMwe3w4S9SI8pjYMVnibPllQ2b33oB8fx8ZIp/GnyDG/qDdvMZcAYy1M+tmnOk9MViKzFu4agNH70GkdHtHeqzntrizVfdD80JTxigKE/35wEnOdk1k6BvpSCYMMBIqPnmjiXYMBbSDryQCixLJw+7LqYSL9C8+mOSlnzWVQfgdd6kmHzgSrlzn0xiiqOMwGZWn50dXSv8EVIHriqzp/IqD4RDWyqEhKolrZcAl3ukYqZTkkpHNF8YNM0cbKIQbFHHsW8LdCUPh+yZ3OTY9wS4nFmj9eVGHZw4lkBGB8vcHnnu69bW0XYQe/9GKQqOCuolNon9zcky0d9wuKp84Jaz rsa-key-20230612
1
2
3
chmod 600 authorized_keys
cd
ls -ald .ssh .ssh/authorized_keys

私钥

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
PuTTY-User-Key-File-3: ssh-rsa
Encryption: none
Comment: rsa-key-20230612
Public-Lines: 6
AAAAB3NzaC1yc2EAAAADAQABAAABAQDMwe3w4S9SI8pjYMVnibPllQ2b33oB8fx8
ZIp/GnyDG/qDdvMZcAYy1M+tmnOk9MViKzFu4agNH70GkdHtHeqzntrizVfdD80J
TxigKE/35wEnOdk1k6BvpSCYMMBIqPnmjiXYMBbSDryQCixLJw+7LqYSL9C8+mOS
lnzWVQfgdd6kmHzgSrlzn0xiiqOMwGZWn50dXSv8EVIHriqzp/IqD4RDWyqEhKol
rZcAl3ukYqZTkkpHNF8YNM0cbKIQbFHHsW8LdCUPh+yZ3OTY9wS4nFmj9eVGHZw4
lkBGB8vcHnnu69bW0XYQe/9GKQqOCuolNon9zcky0d9wuKp84Jaz
Private-Lines: 14
AAABAQCL2aEEtyk09xES01PBJgJjOmzzG64figIjjCA0NAj7G678/8+GfkcdjNDU
B/wYnL38EPhQfXvkitr2k75IL/jP+h4SbqImcNZgF1AAg8gqz/KvsgkzWMNpveUH
TbTna9JTsJ8Ui7PqgPo1f11Fb0aFWJVBMrtld7duta5KTgV1PpIYR+kzuY3C6dLO
zoGs0XgEmSqgx33YVZD99387DEESvLieqbjs+1MhVvWBl5ogLD9sFPjXVqrj7Njh
InmcNI2QZEXy2gFjJxKY0tQgozf6dlwM1Xo9m1YJF6zEYrsaQPF3qp3mrxjlEcOU
mJHszCe8mzHQT7mqWdfFKyWx2VyxAAAAgQD9ZBNyLLKrWo19FT5J8B7n1z/SZMca
XQTafrosxsRvlQcPR2nNCfuU8p7RojP0Rjs/CCQ/Uyn6KhzUXuXHxyALEJOQMJIS
a4zRXk+vSDHQfGCinlJRUNuzySHQpvrLKihxEUpbHE8OOULsS3T2YCmwFRrDqif/
ycU2A1qWYPvMdQAAAIEAzt2onieHKebVxZlDhFZwZXKFsPlKtb0WxtPnwe2xPPl/
Hw1K8Myx9mpN1jbRROmnKO5pW/gDMsImOBjXmkYbEfH0wmm8Z7wUJWy6X6CJN9zw
ZwQTGz5lbQOSGKTxwnoM74bHjWeZXVnSRk/t3KxCxPQaLrE/5/wC3rZcfsD0EYcA
AACAO+Av1/MnpcDdyST9R9UT4xG5mSJejTMCPiK4bHSicmVH8DcYTbNv7NOOHR75
kfwnySQwQWrhCJ8wK5WpLiyi2mQaYQH7D2UgHbq50Pl8xwtr0Q83QbCShVbuFS65
MIRfSayUvAlWAjAk+BXZoMpNyZY9k1NOJ+jpc9xKCsL42FM=
Private-MAC: 2da6da25ea36916464d4d98fe4611ff269e80b8147082ba5c2a424236498ffb0