ssh-keygen 用于:生成、管理和转换认证密钥。
常用参数:
-t type:指定要生成的密钥类型,有rsa1(SSH1),dsa(SSH2),ecdsa(SSH2),rsa(SSH2)等类型,较为常用的是rsa类型
-C comment:提供一个新的注释
-b bits:指定要生成的密钥长度 (单位:bit),对于RSA类型的密钥,最小长度768bits,默认长度为2048bits。DSA密钥必须是1024bits
-f filename:指定生成的密钥文件名字
Linux下使用ssky-keygen无密码登录服务器步骤:
1.使用ssh-keygen在本机上生成密钥:
[Jiakun@Kunge ~]$ ssh-keygen -t rsa -C "aaa@gmail.com|bbb@126.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/zzf/.ssh/id_rsa):[Enter key]
/home/zzf/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):[Enter key]
Enter same passphrase again:[Enter key]
Your identification has been saved in /home/zzf/.ssh/id_rsa.
Your public key has been saved in /home/zzf/.ssh/id_rsa.pub.
The key fingerprint is:
ac:15:9d:97:2a:f3:43:ed:64:25:38:ad:54:d2:bd:c8 aaa@gmail.com|bbb@126.com
此时在本机上生成如下一个公钥和一个私钥文件:
[Jiakun@Kunge ~]$ ll ./.ssh/
总用量 12
-rw-------. 1 Jiakun Jiakun 1675 5月 19 19:44 id_rsa
-rw-r--r--. 1 Jiakun Jiakun 420 5月 19 19:44 id_rsa.pub
id_rsa是私钥
id_rsa.pub是公钥
将id_rsa.pub拷贝到目标机器上家目录的.ssh目录中(没.ssh目录,自行创建),并将文件重命名为:authorized_keys,修改权限及属主属组:
mv id_rsa.pub authorized_keys
chmod 600 authorized_keys
chown zzf:zzf authorized_keys