Cpp五条

这个屌丝很懒，什么也没留下！

热门标签

aws的Linux云主机手动添加秘钥_authenticating with public key "imported-openssh-k

作者：Cpp五条 | 2024-02-28 07:19:41

踩

authenticating with public key "imported-openssh-key

Authenticating with public key "imported-openssh-key"

Last login: Wed Sep 13 07:55:10 2017 from ec2-52-80-79-217.cn-north-1.compute.amazonaws.com.cn

[ec2-user@ip-10-0-0-102 ~]$

[ec2-user@ip-10-0-0-102 ~]$ cd /

[ec2-user@ip-10-0-0-102 /]$ sudo su

[root@ip-10-0-0-102 /]#

[root@ip-10-0-0-102 /]# useradd xiao

[root@ip-10-0-0-102 /]# cd /home xiao

[root@ip-10-0-0-102 home]# sudo do / xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do xiao/

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do sudo /xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do su - xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo su - xiao

[xiao@ip-10-0-0-102 ~]$ ssh

usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]

[-D [bind_address:]port] [-e escape_char] [-F configfile]

[-I pkcs11] [-i identity_file]

[-L [bind_address:]port:host:hostport]

[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]

[-R [bind_address:]port:host:hostport] [-S ctl_path]

[-W host:port] [-w local_tun[:remote_tun]]

[user@]hostname [command]

[xiao@ip-10-0-0-102 ~]$ ssh -key gen

ssh: Could not resolve hostname gen: Name or service not known

[xiao@ip-10-0-0-102 ~]$ ssh-key gen

-bash: ssh-key: command not found

[xiao@ip-10-0-0-102 ~]$ ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/home/xiao/.ssh/id_rsa):

Created directory '/home/xiao/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/xiao/.ssh/id_rsa.

Your public key has been saved in /home/xiao/.ssh/id_rsa.pub.

The key fingerprint is:

61:88:92:ea:67:88:b1:b2:6e:cc:5b:61:14:0f:ad:af xiao@ip-10-0-0-102.cn-north-1.compute.internal

The key's randomart image is:

+--[ RSA 2048]----+

| o. |

| .+o . |

| o.o.. o |

| ..o . . |

|o o. S |

|ooo .. |

|*o +. |

|.=+E |

|+o. |

+-----------------+

[xiao@ip-10-0-0-102 ~]$

[xiao@ip-10-0-0-102 ~]$ cd .ssh

[xiao@ip-10-0-0-102 .ssh]$ ls

id_rsa id_rsa.pub

[xiao@ip-10-0-0-102 .ssh]$ pwd

/home/xiao/.ssh

[xiao@ip-10-0-0-102 .ssh]$ sud0 su

-bash: sud0: command not found

[xiao@ip-10-0-0-102 .ssh]$ sudo do su

We trust you have received the usual lecture from the local System

Administrator. It usually boils down to these three things:

#1) Respect the privacy of others.

#2) Think before you type.

#3) With great power comes great responsibility.

[sudo] password for xiao:

Sorry, try again.

[sudo] password for xiao:

Sorry, try again.

[sudo] password for xiao:

Sorry, try again.

sudo: 3 incorrect password attempts

[xiao@ip-10-0-0-102 .ssh]$

[xiao@ip-10-0-0-102 .ssh]$ exit

logout

[root@ip-10-0-0-102 home]# cd xiao

[root@ip-10-0-0-102 xiao]# cd .ssh

[root@ip-10-0-0-102 .ssh]# ls

id_rsa id_rsa.pub

[root@ip-10-0-0-102 .ssh]# copy id_rsa /home/ec2-user

bash: copy: command not found

[root@ip-10-0-0-102 .ssh]# cy id_rsa /home/ec2-user

bash: cy: command not found

[root@ip-10-0-0-102 .ssh]# cp id_rsa /home/ec2-user

[root@ip-10-0-0-102 .ssh]# cd home

bash: cd: home: No such file or directory

[root@ip-10-0-0-102 .ssh]# ^C

[root@ip-10-0-0-102 .ssh]# cd /

[root@ip-10-0-0-102 /]# cd homw

bash: cd: homw: No such file or directory

[root@ip-10-0-0-102 /]# cd home

[root@ip-10-0-0-102 home]# ls -lrt

total 8

drwx------. 5 xiao xiao 4096 Sep 13 09:15 xiao

drwx------. 3 ec2-user ec2-user 4096 Sep 13 09:19 ec2-user

[root@ip-10-0-0-102 home]# cd ec2-user

[root@ip-10-0-0-102 ec2-user]# ls -lrt

total 8

-rw-rw-r--. 1 ec2-user ec2-user 18 Sep 9 03:54 test.txt

-rw-------. 1 root root 1675 Sep 13 09:19 id_rsa

[root@ip-10-0-0-102 ec2-user]# ls

id_rsa test.txt

[root@ip-10-0-0-102 ec2-user]# chmod +r id_rsa

[root@ip-10-0-0-102 ec2-user]# sudo su - xiao

[xiao@ip-10-0-0-102 ~]$ cd .ssh

[xiao@ip-10-0-0-102 .ssh]$ cat id_rsa.pub >> authorized_keys

[xiao@ip-10-0-0-102 .ssh]$ chmod 600 authorized_keys

[xiao@ip-10-0-0-102 .ssh]$ exit

logout

[root@ip-10-0-0-102 ec2-user]# cd /etc/ssh/sshd_config

bash: cd: /etc/ssh/sshd_config: Not a directory

[root@ip-10-0-0-102 ec2-user]# cd /

[root@ip-10-0-0-102 /]#

[root@ip-10-0-0-102 /]# cd /etc/ssh/sshd_config

bash: cd: /etc/ssh/sshd_config: Not a directory

[root@ip-10-0-0-102 /]# cat /etc/ssh/sshd_config

# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $

# This is the sshd server system-wide configuration file. See

# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented. Uncommented options change a

# default value.

#Port 22

#AddressFamily any

#ListenAddress 0.0.0.0

#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new

# installations. In future the default will change to require explicit

# activation of protocol 1

Protocol 2

# HostKey for protocol version 1

#HostKey /etc/ssh/ssh_host_key

# HostKeys for protocol version 2

#HostKey /etc/ssh/ssh_host_rsa_key

#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key

#KeyRegenerationInterval 1h

#ServerKeyBits 1024

# Logging

# obsoletes QuietMode and FascistLogging

#SyslogFacility AUTH

SyslogFacility AUTHPRIV

#LogLevel INFO

# Authentication:

#LoginGraceTime 2m

#PermitRootLogin yes

#StrictModes yes

#MaxAuthTries 6

#MaxSessions 10

#RSAAuthentication yes

#PubkeyAuthentication yes

#AuthorizedKeysFile .ssh/authorized_keys

#AuthorizedKeysCommand none

#AuthorizedKeysCommandRunAs nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

#RhostsRSAAuthentication no

# similar for protocol version 2

#HostbasedAuthentication no

# Change to yes if you don't trust ~/.ssh/known_hosts for

# RhostsRSAAuthentication and HostbasedAuthentication

#IgnoreUserKnownHosts no

# Don't read the user's ~/.rhosts and ~/.shosts files

#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!

#PasswordAuthentication yes

#PermitEmptyPasswords no

PasswordAuthentication no

# Change to no to disable s/key passwords

#ChallengeResponseAuthentication yes

ChallengeResponseAuthentication no

# Kerberos options

#KerberosAuthentication no

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes

#KerberosGetAFSToken no

#KerberosUseKuserok yes

# GSSAPI options

#GSSAPIAuthentication no

GSSAPIAuthentication yes

#GSSAPICleanupCredentials yes

GSSAPICleanupCredentials yes

#GSSAPIStrictAcceptorCheck yes

#GSSAPIKeyExchange no

# Set this to 'yes' to enable PAM authentication, account processing,

# and session processing. If this is enabled, PAM authentication will

# be allowed through the ChallengeResponseAuthentication and

# PasswordAuthentication. Depending on your PAM configuration,

# PAM authentication via ChallengeResponseAuthentication may bypass

# the setting of "PermitRootLogin without-password".

# If you just want the PAM account and session checks to run without

# PAM authentication, then enable this but set PasswordAuthentication

# and ChallengeResponseAuthentication to 'no'.

#UsePAM no

UsePAM yes

# Accept locale-related environment variables

AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES

AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT

AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE

AcceptEnv XMODIFIERS

#AllowAgentForwarding yes

#AllowTcpForwarding yes

#GatewayPorts no

#X11Forwarding no

X11Forwarding yes

#X11DisplayOffset 10

#X11UseLocalhost yes

#PrintMotd yes

#PrintLastLog yes

#TCPKeepAlive yes

#UseLogin no

#UsePrivilegeSeparation yes

#PermitUserEnvironment no

#Compression delayed

#ClientAliveInterval 0

#ClientAliveCountMax 3

#ShowPatchLevel no

#UseDNS yes

#PidFile /var/run/sshd.pid

#MaxStartups 10:30:100

#PermitTunnel no

#ChrootDirectory none

# no default banner path

#Banner none

# override default of no subsystems

Subsystem sftp /usr/libexec/openssh/sftp-server

# Example of overriding settings on a per-user basis

#Match User anoncvs

# X11Forwarding no

# AllowTcpForwarding no

# ForceCommand cvs server[root@ip-10-0-0-102 /]# ^C

[root@ip-10-0-0-102 /]#

[root@ip-10-0-0-102 /]# cat /etc/ssh/sshd_config | grpt grep -i RSAAuthentication

bash: grpt: command not found

[root@ip-10-0-0-102 /]# cat /etc/ssh/sshd_config | grep -i RSAAuthentication

#RSAAuthentication yes

#RhostsRSAAuthentication no

# RhostsRSAAuthentication and HostbasedAuthentication

[root@ip-10-0-0-102 /]# su

[root@ip-10-0-0-102 /]#login as: ec2-user

Authenticating with public key "imported-openssh-key"

Last login: Wed Sep 13 07:55:10 2017 from ec2-52-80-79-217.cn-north-1.compute.amazonaws.com.cn

[ec2-user@ip-10-0-0-102 ~]$

[ec2-user@ip-10-0-0-102 ~]$ cd /

[ec2-user@ip-10-0-0-102 /]$ sudo su

[root@ip-10-0-0-102 /]#

[root@ip-10-0-0-102 /]# useradd xiao

[root@ip-10-0-0-102 /]# cd /home xiao

[root@ip-10-0-0-102 home]# sudo do / xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do xiao/

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do sudo /xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do su - xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo su - xiao

[xiao@ip-10-0-0-102 ~]$ ssh

usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]

[-D [bind_address:]port] [-e escape_char] [-F configfile]

[-I pkcs11] [-i identity_file]

[-L [bind_address:]port:host:hostport]

[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]

[-R [bind_address:]port:host:hostport] [-S ctl_path]

[-W host:port] [-w local_tun[:remote_tun]]

[user@]hostname [command]

[xiao@ip-10-0-0-102 ~]$ ssh -key gen

ssh: Could not resolve hostname gen: Name or service not known

[xiao@ip-10-0-0-102 ~]$ ssh-key gen

-bash: ssh-key: command not found

[xiao@ip-10-0-0-102 ~]$ ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/home/xiao/.ssh/id_rsa):

Created directory '/home/xiao/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/xiao/.ssh/id_rsa.

Your public key has been saved in /home/xiao/.ssh/id_rsa.pub.

The key fingerprint is:

61:88:92:ea:67:88:b1:b2:6e:cc:5b:61:14:0f:ad:af xiao@ip-10-0-0-102.cn-north-1.compute.internal

The key's randomart image is:

+--[ RSA 2048]----+

| o. |

| .+o . |

| o.o.. o |

| ..o . . |

|o o. S |

|ooo .. |

|*o +. |

|.=+E |

|+o. |

+-----------------+

[xiao@ip-10-0-0-102 ~]$

[xiao@ip-10-0-0-102 ~]$ cd .ssh

[xiao@ip-10-0-0-102 .ssh]$ ls

id_rsa id_rsa.pub

[xiao@ip-10-0-0-102 .ssh]$ pwd

/home/xiao/.ssh

[xiao@ip-10-0-0-102 .ssh]$ sud0 su

-bash: sud0: command not found

[xiao@ip-10-0-0-102 .ssh]$ sudo do su

We trust you have received the usual lecture from the local System

Administrator. It usually boils down to these three things:

#1) Respect the privacy of others.

#2) Think before you type.

#3) With great power comes great responsibility.

[sudo] password for xiao:

Sorry, try again.

[sudo] password for xiao:

Sorry, try again.

[sudo] password for xiao:

Sorry, try again.

sudo: 3 incorrect password attempts

[xiao@ip-10-0-0-102 .ssh]$

[xiao@ip-10-0-0-102 .ssh]$ exit

logout

[root@ip-10-0-0-102 home]# cd xiao

[root@ip-10-0-0-102 xiao]# cd .ssh

[root@ip-10-0-0-102 .ssh]# ls

id_rsa id_rsa.pub

[root@ip-10-0-0-102 .ssh]# copy id_rsa /home/ec2-user

bash: copy: command not found

[root@ip-10-0-0-102 .ssh]# cy id_rsa /home/ec2-user

bash: cy: command not found

[root@ip-10-0-0-102 .ssh]# cp id_rsa /home/ec2-user

[root@ip-10-0-0-102 .ssh]# cd home

bash: cd: home: No such file or directory

[root@ip-10-0-0-102 .ssh]# ^C

[root@ip-10-0-0-102 .ssh]# cd /

[root@ip-10-0-0-102 /]# cd homw

bash: cd: homw: No such file or directory

[root@ip-10-0-0-102 /]# cd home

[root@ip-10-0-0-102 home]# ls -lrt

total 8

drwx------. 5 xiao xiao 4096 Sep 13 09:15 xiao

drwx------. 3 ec2-user ec2-user 4096 Sep 13 09:19 ec2-user

[root@ip-10-0-0-102 home]# cd ec2-user

[root@ip-10-0-0-102 ec2-user]# ls -lrt

total 8

-rw-rw-r--. 1 ec2-user ec2-user 18 Sep 9 03:54 test.txt

-rw-------. 1 root root 1675 Sep 13 09:19 id_rsa

[root@ip-10-0-0-102 ec2-user]# ls

id_rsa test.txt

[root@ip-10-0-0-102 ec2-user]# chmod +r id_rsa

[root@ip-10-0-0-102 ec2-user]# sudo su - xiao

[xiao@ip-10-0-0-102 ~]$ cd .ssh

[xiao@ip-10-0-0-102 .ssh]$ cat id_rsa.pub >> authorized_keys

[xiao@ip-10-0-0-102 .ssh]$ chmod 600 authorized_keys

[xiao@ip-10-0-0-102 .ssh]$ exit

logout

[root@ip-10-0-0-102 ec2-user]# cd /etc/ssh/sshd_config

bash: cd: /etc/ssh/sshd_config: Not a directory

[root@ip-10-0-0-102 ec2-user]# cd /

[root@ip-10-0-0-102 /]#

[root@ip-10-0-0-102 /]# cd /etc/ssh/sshd_config

bash: cd: /etc/ssh/sshd_config: Not a directory

[root@ip-10-0-0-102 /]# cat /etc/ssh/sshd_config

# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $

# This is the sshd server system-wide configuration file. See

# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented. Uncommented options change a

# default value.

#Port 22

#AddressFamily any

#ListenAddress 0.0.0.0

#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new

# installations. In future the default will change to require explicit

# activation of protocol 1

Protocol 2

# HostKey for protocol version 1

#HostKey /etc/ssh/ssh_host_key

# HostKeys for protocol version 2

#HostKey /etc/ssh/ssh_host_rsa_key

#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key

#KeyRegenerationInterval 1h

#ServerKeyBits 1024

# Logging

# obsoletes QuietMode and FascistLogging

#SyslogFacility AUTH

SyslogFacility AUTHPRIV

#LogLevel INFO

# Authentication:

#LoginGraceTime 2m

#PermitRootLogin yes

#StrictModes yes

#MaxAuthTries 6

#MaxSessions 10

#RSAAuthentication yes

#PubkeyAuthentication yes

#AuthorizedKeysFile .ssh/authorized_keys

#AuthorizedKeysCommand none

#AuthorizedKeysCommandRunAs nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

#RhostsRSAAuthentication no

# similar for protocol version 2

#HostbasedAuthentication no

# Change to yes if you don't trust ~/.ssh/known_hosts for

# RhostsRSAAuthentication and HostbasedAuthentication

#IgnoreUserKnownHosts no

# Don't read the user's ~/.rhosts and ~/.shosts files

#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!

#PasswordAuthentication yes

#PermitEmptyPasswords no

PasswordAuthentication no

# Change to no to disable s/key passwords

#ChallengeResponseAuthentication yes

ChallengeResponseAuthentication no

# Kerberos options

#KerberosAuthentication no

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes

#KerberosGetAFSToken no

#KerberosUseKuserok yes

# GSSAPI options

#GSSAPIAuthentication no

GSSAPIAuthentication yes

#GSSAPICleanupCredentials yes

GSSAPICleanupCredentials yes

#GSSAPIStrictAcceptorCheck yes

#GSSAPIKeyExchange no

# Set this to 'yes' to enable PAM authentication, account processing,

# and session processing. If this is enabled, PAM authentication will

# be allowed through the ChallengeResponseAuthentication and

# PasswordAuthentication. Depending on your PAM configuration,

# PAM authentication via ChallengeResponseAuthentication may bypass

# the setting of "PermitRootLogin without-password".

# If you just want the PAM account and session checks to run without

# PAM authentication, then enable this but set PasswordAuthentication

# and ChallengeResponseAuthentication to 'no'.

#UsePAM no

UsePAM yes

# Accept locale-related environment variables

AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES

AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT

AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE

AcceptEnv XMODIFIERS

#AllowAgentForwarding yes

#AllowTcpForwarding yes

#GatewayPorts no

#X11Forwarding no

X11Forwarding yes

#X11DisplayOffset 10

#X11UseLocalhost yes

#PrintMotd yes

#PrintLastLog yes

#TCPKeepAlive yes

#UseLogin no

#UsePrivilegeSeparation yes

#PermitUserEnvironment no

#Compression delayed

#ClientAliveInterval 0

#ClientAliveCountMax 3

#ShowPatchLevel no

#UseDNS yes

#PidFile /var/run/sshd.pid

#MaxStartups 10:30:100

#PermitTunnel no

#ChrootDirectory none

# no default banner path

#Banner none

# override default of no subsystems

Subsystem sftp /usr/libexec/openssh/sftp-server

# Example of overriding settings on a per-user basis

#Match User anoncvs

# X11Forwarding no

# AllowTcpForwarding no

# ForceCommand cvs server[root@ip-10-0-0-102 /]# ^C

[root@ip-10-0-0-102 /]#

[root@ip-10-0-0-102 /]# cat /etc/ssh/sshd_config | grpt grep -i RSAAuthentication

bash: grpt: command not found

[root@ip-10-0-0-102 /]# cat /etc/ssh/sshd_config | grep -i RSAAuthentication

#RSAAuthentication yes

#RhostsRSAAuthentication no

# RhostsRSAAuthentication and HostbasedAuthentication

[root@ip-10-0-0-102 /]# su

[root@ip-10-0-0-102 /]#login as: ec2-user

Authenticating with public key "imported-openssh-key"

Last login: Wed Sep 13 07:55:10 2017 from ec2-52-80-79-217.cn-north-1.compute.amazonaws.com.cn

[ec2-user@ip-10-0-0-102 ~]$

[ec2-user@ip-10-0-0-102 ~]$ cd /

[ec2-user@ip-10-0-0-102 /]$ sudo su

[root@ip-10-0-0-102 /]#

[root@ip-10-0-0-102 /]# useradd xiao

[root@ip-10-0-0-102 /]# cd /home xiao

[root@ip-10-0-0-102 home]# sudo do / xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do xiao/

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do sudo /xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo do su - xiao

sudo: do: command not found

[root@ip-10-0-0-102 home]# sudo su - xiao

[xiao@ip-10-0-0-102 ~]$ ssh

usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]

[-D [bind_address:]port] [-e escape_char] [-F configfile]

[-I pkcs11] [-i identity_file]

[-L [bind_address:]port:host:hostport]

[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]

[-R [bind_address:]port:host:hostport] [-S ctl_path]

[-W host:port] [-w local_tun[:remote_tun]]

[user@]hostname [command]

[xiao@ip-10-0-0-102 ~]$ ssh -key gen

ssh: Could not resolve hostname gen: Name or service not known

[xiao@ip-10-0-0-102 ~]$ ssh-key gen

-bash: ssh-key: command not found

[xiao@ip-10-0-0-102 ~]$ ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/home/xiao/.ssh/id_rsa):

Created directory '/home/xiao/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/xiao/.ssh/id_rsa.

Your public key has been saved in /home/xiao/.ssh/id_rsa.pub.

The key fingerprint is:

61:88:92:ea:67:88:b1:b2:6e:cc:5b:61:14:0f:ad:af xiao@ip-10-0-0-102.cn-north-1.compute.internal

The key's randomart image is:

+--[ RSA 2048]----+

| o. |

| .+o . |

| o.o.. o |

| ..o . . |

|o o. S |

|ooo .. |

|*o +. |

|.=+E |

|+o. |

+-----------------+

[xiao@ip-10-0-0-102 ~]$

[xiao@ip-10-0-0-102 ~]$ cd .ssh

[xiao@ip-10-0-0-102 .ssh]$ ls

id_rsa id_rsa.pub

[xiao@ip-10-0-0-102 .ssh]$ pwd

/home/xiao/.ssh

[xiao@ip-10-0-0-102 .ssh]$ sud0 su

-bash: sud0: command not found

[xiao@ip-10-0-0-102 .ssh]$ sudo do su

We trust you have received the usual lecture from the local System

Administrator. It usually boils down to these three things:

#1) Respect the privacy of others.

#2) Think before you type.

#3) With great power comes great responsibility.

[sudo] password for xiao:

Sorry, try again.

[sudo] password for xiao:

Sorry, try again.

[sudo] password for xiao:

Sorry, try again.

sudo: 3 incorrect password attempts

[xiao@ip-10-0-0-102 .ssh]$

[xiao@ip-10-0-0-102 .ssh]$ exit

logout

[root@ip-10-0-0-102 home]# cd xiao

[root@ip-10-0-0-102 xiao]# cd .ssh

[root@ip-10-0-0-102 .ssh]# ls

id_rsa id_rsa.pub

[root@ip-10-0-0-102 .ssh]# copy id_rsa /home/ec2-user

bash: copy: command not found

[root@ip-10-0-0-102 .ssh]# cy id_rsa /home/ec2-user

bash: cy: command not found

[root@ip-10-0-0-102 .ssh]# cp id_rsa /home/ec2-user

[root@ip-10-0-0-102 .ssh]# cd home

bash: cd: home: No such file or directory

[root@ip-10-0-0-102 .ssh]# ^C

[root@ip-10-0-0-102 .ssh]# cd /

[root@ip-10-0-0-102 /]# cd homw

bash: cd: homw: No such file or directory

[root@ip-10-0-0-102 /]# cd home

[root@ip-10-0-0-102 home]# ls -lrt

total 8

drwx------. 5 xiao xiao 4096 Sep 13 09:15 xiao

drwx------. 3 ec2-user ec2-user 4096 Sep 13 09:19 ec2-user

[root@ip-10-0-0-102 home]# cd ec2-user

[root@ip-10-0-0-102 ec2-user]# ls -lrt

total 8

-rw-rw-r--. 1 ec2-user ec2-user 18 Sep 9 03:54 test.txt

-rw-------. 1 root root 1675 Sep 13 09:19 id_rsa

[root@ip-10-0-0-102 ec2-user]# ls

id_rsa test.txt

[root@ip-10-0-0-102 ec2-user]# chmod +r id_rsa

[root@ip-10-0-0-102 ec2-user]# sudo su - xiao

[xiao@ip-10-0-0-102 ~]$ cd .ssh

[xiao@ip-10-0-0-102 .ssh]$ cat id_rsa.pub >> authorized_keys

[xiao@ip-10-0-0-102 .ssh]$ chmod 600 authorized_keys

[xiao@ip-10-0-0-102 .ssh]$ exit

logout

[root@ip-10-0-0-102 ec2-user]# cd /etc/ssh/sshd_config

bash: cd: /etc/ssh/sshd_config: Not a directory

[root@ip-10-0-0-102 ec2-user]# cd /

[root@ip-10-0-0-102 /]#

[root@ip-10-0-0-102 /]# cd /etc/ssh/sshd_config

bash: cd: /etc/ssh/sshd_config: Not a directory

[root@ip-10-0-0-102 /]# cat /etc/ssh/sshd_config

# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $

# This is the sshd server system-wide configuration file. See

# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented. Uncommented options change a

# default value.

#Port 22

#AddressFamily any

#ListenAddress 0.0.0.0

#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new

# installations. In future the default will change to require explicit

# activation of protocol 1

Protocol 2

# HostKey for protocol version 1

#HostKey /etc/ssh/ssh_host_key

# HostKeys for protocol version 2

#HostKey /etc/ssh/ssh_host_rsa_key

#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key

#KeyRegenerationInterval 1h

#ServerKeyBits 1024

# Logging

# obsoletes QuietMode and FascistLogging

#SyslogFacility AUTH

SyslogFacility AUTHPRIV

#LogLevel INFO

# Authentication:

#LoginGraceTime 2m

#PermitRootLogin yes

#StrictModes yes

#MaxAuthTries 6

#MaxSessions 10

#RSAAuthentication yes

#PubkeyAuthentication yes

#AuthorizedKeysFile .ssh/authorized_keys

#AuthorizedKeysCommand none

#AuthorizedKeysCommandRunAs nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

#RhostsRSAAuthentication no

# similar for protocol version 2

#HostbasedAuthentication no

# Change to yes if you don't trust ~/.ssh/known_hosts for

# RhostsRSAAuthentication and HostbasedAuthentication

#IgnoreUserKnownHosts no

# Don't read the user's ~/.rhosts and ~/.shosts files

#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!

#PasswordAuthentication yes

#PermitEmptyPasswords no

PasswordAuthentication no

# Change to no to disable s/key passwords

#ChallengeResponseAuthentication yes

ChallengeResponseAuthentication no

# Kerberos options

#KerberosAuthentication no

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes

#KerberosGetAFSToken no

#KerberosUseKuserok yes

# GSSAPI options

#GSSAPIAuthentication no

GSSAPIAuthentication yes

#GSSAPICleanupCredentials yes

GSSAPICleanupCredentials yes

#GSSAPIStrictAcceptorCheck yes

#GSSAPIKeyExchange no

# Set this to 'yes' to enable PAM authentication, account processing,

# and session processing. If this is enabled, PAM authentication will

# be allowed through the ChallengeResponseAuthentication and

# PasswordAuthentication. Depending on your PAM configuration,

# PAM authentication via ChallengeResponseAuthentication may bypass

# the setting of "PermitRootLogin without-password".

# If you just want the PAM account and session checks to run without

# PAM authentication, then enable this but set PasswordAuthentication

# and ChallengeResponseAuthentication to 'no'.

#UsePAM no

UsePAM yes

# Accept locale-related environment variables

AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES

AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT

AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE

AcceptEnv XMODIFIERS

#AllowAgentForwarding yes

#AllowTcpForwarding yes

#GatewayPorts no

#X11Forwarding no

X11Forwarding yes

#X11DisplayOffset 10

#X11UseLocalhost yes

#PrintMotd yes

#PrintLastLog yes

#TCPKeepAlive yes

#UseLogin no

#UsePrivilegeSeparation yes

#PermitUserEnvironment no

#Compression delayed

#ClientAliveInterval 0

#ClientAliveCountMax 3

#ShowPatchLevel no

#UseDNS yes

#PidFile /var/run/sshd.pid

#MaxStartups 10:30:100

#PermitTunnel no

#ChrootDirectory none

# no default banner path

#Banner none

# override default of no subsystems

Subsystem sftp /usr/libexec/openssh/sftp-server

# Example of overriding settings on a per-user basis

#Match User anoncvs

# X11Forwarding no

# AllowTcpForwarding no

# ForceCommand cvs server[root@ip-10-0-0-102 /]# ^C

[root@ip-10-0-0-102 /]#

[root@ip-10-0-0-102 /]# cat /etc/ssh/sshd_config | grpt grep -i RSAAuthentication

bash: grpt: command not found

[root@ip-10-0-0-102 /]# cat /etc/ssh/sshd_config | grep -i RSAAuthentication

#RSAAuthentication yes

#RhostsRSAAuthentication no

# RhostsRSAAuthentication and HostbasedAuthentication

[root@ip-10-0-0-102 /]# su

[root@ip-10-0-0-102 /]#

本文内容由网友自发贡献，转载请注明出处：【wpsshop博客】