🗒️ssh
相关目录及文件,如下:
~/.ssh » ll
total 64
-rw------- 1 username staff 419B Mar 29 23: 31 id_ed25519
-rw-r--r-- 1 username staff 106B Mar 29 23: 31 id_ed25519.pub
-rw------- 1 username staff 1.6K May 27 2016 id_rsa
-rw-r--r-- 1 username staff 412B May 27 2016 id_rsa.pub
-rw-r--r-- 1 username staff 15K Mar 29 23: 52 known_hostsknown_hosts
known_hosts 文件,记录我们访问过的计算机的 public key。如下:
~/.ssh » cat known_hosts
x.x.x.x ssh-rsa AAAAB3...Nw==
x.x.x.x ecdsa-sha2-nistp256 AAAAE2...7B/w=
domainname.com ssh-ed25519 AAAAC3...fVov当我们用 ssh 连接到一个新服务器时,ssh 会让我们确认服务器的信息(IP/domain-name, public key),确认了之后就会被写到 known_hosts 里。
~/GitHub/project-name(master) » git push
The authenticity of host 'github.com (x.x.x.x)' can't be established.
ECDSA key fingerprint is SHA256:p2...c98/R1...u3/Li...M.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'github.com,x.x.x.x' (ECDSA) to the list of known hosts.此时再看 known_hosts 文件,最后一行会新增如下内容:
github.com,x.x.x.x ecdsa-sha2-nistp256 AAAAE2...dT/y..B/++T...g=以后再连接到这个服务器时,如果信息变了(通常是 public key 变了),就会提示我们服务器信息变了。此时,我们可以将其从 known_hosts 里删除,然后重新确认。
秘钥对
制作 private key 和 public key:
ssh-keygen # 建立秘钥对
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
ssh-keygen -t ed25519 -C "your_email@example.com"# Github 支持的 public keys 格式
id_rsa.pub
id_ecdsa.pub
id_ed25519.pub其它
authorized_keys 可以让两个 linux 机器之间使用 ssh 不需要用户名和密码
把客户端 public key 上传到服务器,并将其添加到 authorized_keys
在服务器上安装公钥 >> authorized_keys
Last updated