ssh で公開鍵ログインする備忘録です.PC を新調しない限りやらないので,さすがに覚えてられません.と言うことで,備忘録です.
手順は,まず秘密鍵と公開鍵を,
$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/Users/hyt/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/hyt/.ssh/id_rsa. Your public key has been saved in /Users/hyt/.ssh/id_rsa.pub. The key fingerprint is: SHA256:nOPz3UtTDdJLsY7y6yjC3dr++STl3PtzaKmy5uZf4Hq [email protected] The key's randomart image is: +---[RSA 2048]----+ | | | . o | | . = | | . . o.| | S . o o| | . . o . . | | . .oo +=o+ | | o o+BA=X.. | | .E*XX&==. | +----[SHA256]-----+
みたいな感じで作る.ssh で何も打たずにログインしたいときは passphrase は空のままにしておけば OK.
なお,ssh-keygen のオプションは,
ssh-keygen -t 鍵種類 -b 鍵長 -C コメント
らしい.
次に公開鍵(id_rsa.pub)を接続先の ~/.ssh/authorized_keys に追加する.
これ,エディタ等を使って,接続先の authorized_keys に追記しても良いんですが(実際今までそうしていた),ssh-copy-id ってコマンドがあったんですね.
と言うことで,使い方は,
$ ssh-copy-id -i .ssh/id_rsa.pub [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added.
みたいな感じですね.なお,「-i .ssh/id_rsa.pub」は省略可能です.
以上!