linux双向认证实现

原理
使用“公私钥”认证的方式进行ssh登录。

步骤
1、客户机生成”公私钥”,公钥文件”~/.ssh/id_rsa.pub”,私钥文件”~/.ssh/id_rsa”
2、上传公钥文件”~/.ssh/id_rsa.pub”到目标服务器,保留私钥文件”~/.ssh/id_rsa/id_rsa”
3、将上传的公钥文件”~/.ssh/id_rsa.pub”内容追加服务器”~/.ssh/authorized_keys”文件中
4、验证生效性

1、客户机生成”公私钥”,公钥文件”~/.ssh/id_rsa.pub”,私钥文件”~/.ssh/id_rsa”

1
2
3
4
5
> ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/wangjun/.ssh/id_rsa):
/Users/wangjun/.ssh/id_rsa already exists.
Overwrite (y/n)?

2、上传公钥文件”~/.ssh/id_rsa.pub”到目标服务器,保留私钥文件”~/.ssh/id_rsa/id_rsa”

1
> scp ~/.ssh/id_rsa.pub [email protected]:/root/

3、将上传的公钥文件“~/.ssh/id_rsa.pub”内容追加服务器~/.ssh/authorized_keys文件中

1
> cat id_rsa.pub >> ~/.ssh/authorized_keys

4、验证生效性,再次ssh登陆则不需要输入密码

以上时客户机到服务器的操作,服务器到客户机的操作一样,这样两台server互相登录操作则不需要认证授权即实现双向认证。

相关推荐