登录ssh配置(in Windows)
生成公钥和私钥
cmd
; 生成公钥和私钥
ssh-keygen -t rsa
; 查看公钥
type %userprofile%\.ssh\id_rsa.pub
; id_rsa: private key.
; id_rsa.pub: public key.
cmd
type C:\Users\*\.ssh\id_rsa.pub
mkdir /root/.ssh/
vim /root/.ssh/authorized_keys
(1) 使用root登录SSH(使用普通用户的账号)
1.以普通用户使用ssh
cmd
set IP=<ip>
set USER=<user>
set PORT=22
ssh %USER%^@%IP% -p %PORT%
shell
sudo service sshd status
# config sshd
cat /etc/ssh/sshd_config |grep PermitRootLogin
sudo sed -i "s/.*PermitRootLogin prohibit-password.*/PermitRootLogin yes/g" /etc/ssh/sshd_config
## 开启 PasswordAuthentication,默认为yes,表示允许使用密码的方式登录
cat /etc/ssh/sshd_config |grep PasswordAuthentication
sudo sed -i "s/#PasswordAuthentication no/PasswordAuthentication yes/g" /etc/ssh/sshd_config
sudo service sshd restart
# sudo service sshd status | grep Active
(2) 使用公钥登录SSH(使用root的账号)
cmd
# 将公钥上传到服务器并添加到授权密钥列表
set IP={IP}
set PORT=22
set USER=root
set HOST=%USER%^@%IP%
set SSH_HOST_ENV=ssh -p %PORT% -t %HOST%
scp -P %PORT% %userprofile%\.ssh\id_rsa.pub %HOST%:~/id_rsa.pub.tmp
%SSH_HOST_ENV% "sh -c 'cat ~/id_rsa.pub.tmp >> ~/.ssh/authorized_keys'; sh -c 'rm ~/id_rsa.pub.tmp'; sh -c 'cat ~/.ssh/authorized_keys'"
(3) 使用公钥登录SSH(使用普通用户的账号)
1.以普通用户使用ssh
cmd
set IP=<ip>
set USER=<user>
set PORT=22
; 上传id_rsa.pub
set FILE_PUB=%userprofile%\.ssh\id_rsa.pub
scp -P %PORT% %FILE_PUB% %USER%^@%IP%:~/id_rsa.pub.tmp
; 以普通用户使用ssh
ssh %USER%^@%IP% -p %PORT%
2.0.清空证书(当证书异常时使用)
shell
# 清空证书
sudo echo -n > /root/.ssh/authorized_keys
# 查看证书
sudo cat /root/.ssh/authorized_keys
2.1.配置证书
shell
sudo bash
# 追加证书
sudo cat id_rsa.pub.tmp >> /root/.ssh/authorized_keys && sudo rm -rf id_rsa.pub.tmp
# 查看证书
sudo cat /root/.ssh/authorized_keys
exit
exit
3.测试ssh
cmd
set IP=<ip>
; 以root用户登录
set USER=root
set PORT=22
; 访问ssh
; ssh %USER%^@%IP% -p %PORT%
; 执行命令
set COMMAND=cat /root/.ssh/authorized_keys
ssh -p %PORT% -t %USER%^@%IP% "sh -c '%COMMAND%'"