CentOS (rsa & dsa) 公钥与密钥的使用

i-david

1，基本环境

系统版本
[centospub@davidserver ~]$ cat /etc/issue;uname -aCentOS release 6.3 (Final)Kernel \r on an \mLinux davidserver 2.6.32-279.el6.x86_64 #1 SMP Fri Jun 22 12:19:21 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

用户
centospub:x:502:502::/home/centospub:/bin/bash

密码
centospub

管理机
10.0.0.9

被管理机
10.0.0.10

2，管理机生成公钥和密钥
[centospub@davidserver ~]$ ssh-keygen -t dsaGenerating public/private dsa key pair.Enter file in which to save the key (/home/centospub/.ssh/id_dsa):Created directory '/home/centospub/.ssh'.Enter passphrase (empty for no passphrase):Enter same passphrase again: Your identification has been saved in /home/centospub/.ssh/id_dsa.Your public key has been saved in /home/centospub/.ssh/id_dsa.pub.The key fingerprint is:19:e8:fd:c8:01:32:da:a3:18:de:7e:83:c4:2d:f2:7f centospub@davidserver

文件修改
[centospub@davidserver ~]$ cd .ssh/[centospub@davidserver .ssh]$ lsid_rsa.pub id_rsa[centospub@davidserver .ssh]$ mv id_rsa.pub authorized_keys  [centospub@davidserver .ssh]$ chmod 400 authorized_keys  

3，将公钥传到被管理机
[centospub@davidserver .ssh]$ scp authorized_keys centospub@10.0.0.10:/home/centospub/.sshThe authenticity of host '10.0.0.10 (10.0.0.10)' can't be established.RSA key fingerprint is 6e:49:32:73:8d:40:4e:f2:ee:dc:48:fb:3e:37:a3:b8.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added '10.0.0.10' (RSA) to the list of known hosts.shuqing@10.0.0.10's password: id_dsa.pub                       100%  602     0.16KB/s   00:00

4，管理机通过公钥连被管理机
[centospub@davidserver ]$ ssh centospub@10.0.0.10

指定私钥
[centospub@davidserver ]$ ssh centospub@10.0.0.10 -i .ssh/id_dsa.it.20120915