접속 방식
- client장비에서 sshkey 생성
client$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): #엔터키 입력
Enter same passphrase again: #엔터키 입력
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:123123 root@client
The key's randomart image is:
+---[RSA 2048]----+
| |
| . . |
| . = |
| . +.+ |
| S.o=o. . |
| o= + .| | .+.o=o+o|
| .oo=oB*+oE|
| o==B+o+==|
+----[SHA256]-----+- server 1~3까지 ssh 키 복사
- 1. ssh-copy-id 명령어를 이용한 키 복사 (둘중에 하나만 사용하면 됩니다.)
client$ ssh-copy-id 192.168.10.101
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.10.101 (192.168.10.101)' can't be established.
ECDSA key fingerprint is SHA256:123412ss.
ECDSA key fingerprint is MD5:01:15:23:36:78:47:11:ca:19:7a:20:30:e7:41:77:b2.
Are you sure you want to continue connecting (yes/no)? yes #최초접속의 경우 yes 입력
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.10.101's password: #server장비의 root패스워드 입력
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.10.101'"
and check to make sure that only the key(s) you wanted were added.- 파일 복사를 이용한 키 복사
- client에서 수행
client$ cat id_rsa.pub (출력되는 전체 텍스트 복사)
ssh-rsa 123QWE root@client- server에서 수행
server$ mkdir .ssh/
server$ echo "복사한 텍스트 붙여넣기" > authorized_keys
server$ chmod 700 .ssh
server$ chmod 600 .ssh/authorized_keys- client에서 sever로 ssh 접속 테스트
client$ hostname
client
server$ ssh 192.168.10.101
server$ hostname
server
