CentOS 7 上创建SSH密钥_centos生成ssh密钥

CentOS 7 上创建SSH密钥

在生成新的SSH密钥对之前，最好检查 CentOS 客户端计算机上的现有SSH密钥。

请运行以下命令，该命令将列出所有公钥

ls -l ~/.ssh/id_*.pub
1

如果命令的输出返回类似cannot access /root/.ssh/id_*.pub: No such file or directory，则意味着您的客户端计算机上没有SSH密钥，您可以继续执行下一步并生成SSH密钥对。

1、首先生成一个新的4096位SSH密钥对，并将您的电子邮件地址作为注释：

ssh-keygen -t rsa -b 4096 -C "llhui20@sina.com"
1

2、系统将提示您指定文件名：

Enter file in which to save the key (/home/username/.ssh/id_rsa):
1

按Enter键接受默认文件位置和文件名。

3、系统会要求您输入安全密码。 是否要使用密码短语取决于您。 如果您选择使用密码，您将获得额外的安全层。

Enter passphrase (empty for no passphrase):
1

如果您不想使用密码短语，请按Enter键

# 整个交互过程：
[root@liulihui /]# ls -l ~/.ssh/id_*.pub
ls: cannot access /root/.ssh/id_*.pub: No such file or directory

[root@liulihui /]# ssh-keygen -t rsa -b 4096 -C "llhui20@sina.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:RpNQDtJe92E5qovCrKhoO4CiN4Jn0Y3LT6SPbTKFg4E llhui20@sina.com
The key's randomart image is:
+---[RSA 4096]----+
|    ..o..    .   |
|     ..+... =    |
| .   . .=. + o   |
|E .   .. .. .    |
|.  + +. S.       |
|+ o =oo..        |
|=  =.+.. .       |
|=+= O=o .        |
|**+o.*+          |
+----[SHA256]-----+
[root@liulihui /]# 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

查看生成SSH密钥

[root@liulihui /]# ls ~/.ssh/id_*
/root/.ssh/id_rsa  /root/.ssh/id_rsa.pub
1
2

查看生成SSH私钥

[root@liulihui /]# cat /root/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
MIIJKgIBAAKCAgEAxjHraoiyeyFSY82RQLonNtowp/z/dtuprWmX99FaD6Yp8wZ7
679xzDjkCS3pYvoyCGPQ7QdhuCH/WOl24Bb3C6Vl9n7iOIwCIKgdRxyCL54gJAQo
QumnhGIG2DrXpSIWCslNDmFtmXGfPO2jcVjg5d3KzzuuINorEkNbs62bUwDzz90u
pF3GqNXQlb9+5NtIwpalp6scwUtW2qhM4rBhsAA/CupIiJLtJcfk6CeOUO+ODR5t
ENFJGhrKT0Tr7yJaDUg+TVYVZxrWsk2N4wyCLx26i4ij5l+5zzT4iz/cW5z9Zgk1
Bs/kCj5kb2Tuzrm6UUWKm1E5ivpikT3KWlL0YHOigl4x84whcPASzPhmo9GKHyxM
p/ojYHFMAk31GV7gIsBaV6JeVJa+zeKHJssSde8D6MEQ/UOKppdvkxUyQ0F2TMzJ
8uax9dGfXkowSjJDD3q2Voh/z7sXcL/s9pSKWfJjnnOloRE8CHK9eC0qMd+dliBl
4cx+OzPdHX55Am22oVRUrr2j5eCcZUEXjHa6yh+OBJcVaPjP6cn+OX0+sSEfjltT
D4/CQ9bE0YF1b+GvR5I1c29+X4rOuYftNDmCl/PnMZcpFStS17LYyEOuUTQ/w693
HCB/HfoOrYMFNPsFn9VOuO9vdm18zd73CegVm6nORazjWEPiodRnXPXObIMCAwEA
AQKCAgEAn2UYYvaLLFGxNEjoT7kmvoud5Ayp3ApvnOK2cHzzRHCrfiMx2HiAafE7
HFLLR2nWgT7dkTOFmJPnC7e/fhuaFciwhxymjTm0oFT0LvOzk95FFRIu2xmVOven
b5FrSwht18DrcuxSO7zQhyzLbOZBAT1t1Vq3AP7U8vwvLQMrTwcODpdg4pn0omZL
OZPn1uCw1KZZlc4c8yvHL1V5eDrIZcbc7MddDFG13dO0uizN3TO797sHliXq986h
9DyGzyy+Zb47NPFNhz1je8S5nue5b3EmTP/YaPeFtSpx1XPHofpRJRW0isT5Lm/d
UGVJVgKy4JfgEGezsp0KVqruKdRbaiYzlaEfu8eu+GT9fx/lbNX/dpOsFjNIu+YW
0m+smCsSKzZhOrx8RByuE3Fuh0ypiQp7c54ku1CdjDY1PPsAR7zzRV0HslUD46Re
R7SfjOjRCpeySgeSB0LZpnAPygSblFY46akkrIEfGI8Y/cRDljgrgbWjSmmIP+KW
vFWHPNXmwWG+OUIvsO4iBAFd+itJ6djpIlAJflWesYo0fR0VQ0vquPXZki7lUY7+
HEvfwEkG6BaeQ0F3YN9IiCNSuvtHA4zwcILDZzxfLVxnC0AwYJtlPZN0bHm16Sir
8O4rpFeRpux1iNUt/1u17uF1nTGGoqnm6t2mF71PY2mjp/yRSBkCggEBAPtw0Qdr
dO8YVf6rIOHDsOgR9VGEiVutFU9DgbKJ+klX/UmcKux59QOJLO03yfGbaPsfBN1R
5hRjScHqrbvYUgTDi997uGjgeIaQuDYxUEqGZVHEk+aKh/7QGy0DzXMR9g8LA0BH
f6swP+oMuk6MjbwDpNqn76Zgc+zIXOK69LVWIuYmffWr1QPYKGna6Wmw/c/HHOOH
Ebp55Q4cO5IUjwmhE3BD+Ssjep7dF31I3uJTQmw1bcBgSz3vtI8F4RnK3wOmpQX6
cwckyLY1I/GEjAA2ZERvnnZF1JbNxzRrZklxlGzVV0eWUbb1EGACiqWqVQrIelbF
P0Y4o0grEvdxfH0CggEBAMnJ7/3IbZtdr3O4Se959O4y3YVN5ww8giZFGKPG+oCk
eeBkHCi7X0YvhdlAQ3I7/E67oRBHaS8U4edQKX866Xb31rCd1+PeVoSoQJS9hSef
Me4XmlHk91td1yRELSVFOzOcwsQNbDjpV/dcOFpqR82VoUf4qtG7VD1NAwguyKIN
FSHYIO97NJO4x3utSJyO/Le989VcqUOHLkCcaIrcusMhzbaf5mN+76pKQo63T9Oq
IqSHdN4snWHVCoATXyjbz6F8TtQLajuoJrhszEEgYLeSIyw/RjndLun8wKAl0ZyZ
zDoo+MTu2M8A4bLJeGQTBcRyuqZTsXOO7+YZoYpo3P8CggEBAKtSDTrO/tfCbyWc
mET7v1gAlHQ8qBKs9i4RwxdRaBX9O/mhzKVf24/TMadYMeLLj1Y7pmbeXLRbim/0
ZPfuxsO0MWPOurHK8JRPmxRhuWFt/S8fj96vWUZHqZycUKos/Mj3KfnsPZL4xzPE
BFVs80299d9+OY3VfmdBhfh+hingTNsgMwbnU7bQ24h0vkFjdSzTcF2fNHcogueA
WR6Jn4RiGgqOZgH8pJoF7vFQa30uWb29EdDYS6wh3Zbt3JhkYFvuedZ+9U1SxOdR
gfIX7ARhCySOIRxZLCasgyS2YPV9zDHzkwqV44uTotqoIKwMSPGV87WXpCtGgAq2
PrAWxUkCggEAByr9M26jNhml2d56Ad+7K5ry84FI685acTGTJn4y987f5XCo72l4
gO2/O3Bk9PHcjI9tsT5YJiv/uk/GqZZWJLu5DJ0OxjFnsV6orJ/u0vF8vJBqEu6n
Or+inM8vK1vCNpsi8APqDDt9vHOyLMQJuOvPxta2eqzE2UibCvdeeSMt1P3wbZFa
1MSDkYkeQzFxGLXOq42XFab/pZvousYMfFH/FLWpYW9o5AuvQZKRa1tnz6BgLmQ3
UvpWXSZTAwiL35ii1DVzmJrohTSYLNgRl3PBfBjjTbrlp7oqvYWaZI2yC37ZF2XE
ndXSLp+pfySN1+SbbL0cWJaDPxE6A8il0QKCAQEAym74/0nG3sdLPZ4Q+vmGqFq8
8fih1a0mcDbPrCnMQ/GzQpQ/ky5Gtk0MBTn2nSeM1q+zYfsmkl1JJzNAK2v5s0O7
3MkRLPBopcjLaQkOPJg8mLmEn3c4o5bmSVgs3ggtcgxUkLkAVBrtFxlmJTSJF/ue
kex71pBw3EZf7MX2uslArEfqcjgLLUUB0hOuqg/stZK5eZiNrRaLe7/7mrjMSuag
rCoTlMJFQ0bCaPigWbnQ57RqRfBSMZvuRnQUwdDFqVEqMH0VXEE3bbh3ptedPhfO
Q258R8FtSMC9Ye10wIAtATgshjQFbvLGOQvCTZc42ZXpaTgdZnt1fOuXlX/txg==
-----END RSA PRIVATE KEY-----
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

既然已生成SSH密钥对，下一步是将公钥复制到要管理的服务器。

将公钥复制到远程服务器的最简单和推荐的方法是使用名为ssh-copy-id的实用程序。 在您的本地机器终端类型：

[root@liulihui /]# ssh-copy-id root@192.168.133.128
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.133.128's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.133.128'"
and check to make sure that only the key(s) you wanted were added.
1
2
3
4
5
6
7
8
9
10

如果本地计算机上没有ssh-copy-id实用程序，请使用以下命令复制公钥：

cat ~/.ssh/id_rsa.pub | ssh root@192.168.133.128 "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
1

使用SSH密钥登录服务器
完成上述步骤后，您应该能够登录到远程服务器而不会被提示输入密码。

要验证它，请尝试通过SSH登录到您的服务器：

ssh root@192.168.133.128
如果您没有为私钥设置密码，则会立即登录。 否则，系统将提示您输入密码。

# 测试
[root@liulihui ~]# ssh root@192.168.133.128
Last login: Thu Jan  5 00:56:46 2023 from 192.168.133.128
[root@liulihui ~]# 
1
2
3
4