Wiwọle Wiwọle Ọrọigbaniwọle SSH Lilo SSH Keygen ni Awọn igbesẹ Rọrun 5

SSH (SHELL ti o ni aabo) jẹ orisun ṣiṣi ati ilana ilana igbẹkẹle ti o gbẹkẹle ti o lo lati buwolu wọle si awọn olupin latọna jijin fun ipaniyan awọn ofin ati awọn eto. O tun lo lati gbe awọn faili lati kọmputa kan si kọnputa miiran lori nẹtiwọọki nipa lilo Protocol ẹda to ni aabo (SCP).

Ninu àpilẹkọ yii, a yoo fi ọ han bi o ṣe le ṣeto iwọle ti ko ni ọrọ igbaniwọle lori RHEL/CentOS ati Fedora ni lilo awọn bọtini ssh lati sopọ si awọn olupin Linux latọna jijin lai tẹ ọrọigbaniwọle sii. Lilo wiwọle iwọle Ọrọigbaniwọle pẹlu awọn bọtini SSH yoo mu igbẹkẹle pọ si laarin awọn olupin Linux meji fun amuṣiṣẹpọ faili irọrun tabi gbigbe.

SSH Client : 192.168.0.12 ( Fedora 21 )
SSH Remote Host : 192.168.0.11 ( CentOS 7 )

Ti o ba n ba nọmba kan ti awọn olupin latọna jijin Linux, lẹhinna wiwọle SSH ti ko ni Ọrọigbaniwọle jẹ ọkan ninu awọn ọna ti o dara julọ lati ṣe adaṣe awọn iṣẹ-ṣiṣe bii awọn afẹyinti aifọwọyi pẹlu awọn iwe afọwọkọ, awọn faili amuṣiṣẹpọ nipa lilo SCP, ati ipaniyan pipaṣẹ latọna jijin.

Ni apẹẹrẹ yii, a yoo ṣeto agbewọle iwọle ọrọigbaniwọle-kere si SSH lati ọdọ olupin 192.168.0.12 bi tecmint olumulo si 192.168.0.11 pẹlu sheena olumulo.

Igbesẹ 1: Ṣẹda Ijeri Awọn bọtini SSH-Keygen lori - (192.168.0.12)

Wọle akọkọ sinu olupin 192.168.0.12 pẹlu tecmint olumulo ati ṣe ina awọn bọtini gbangba ni lilo aṣẹ atẹle.

[tecmint@linux-console.net ~]$ ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/tecmint/.ssh/id_rsa): [Press enter key]
Created directory '/home/tecmint/.ssh'.
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Press enter key]
Your identification has been saved in /home/tecmint/.ssh/id_rsa.
Your public key has been saved in /home/tecmint/.ssh/id_rsa.pub.
The key fingerprint is:
5f:ad:40:00:8a:d1:9b:99:b3:b0:f8:08:99:c3:ed:d3 [email 
The key's randomart image is:
+--[ RSA 2048]----+
|        ..oooE.++|
|         o. o.o  |
|          ..   . |
|         o  . . o|
|        S .  . + |
|       . .    . o|
|      . o o    ..|
|       + +       |
|        +.       |
+-----------------+

Igbesẹ 2: Ṣẹda .ssh Directory lori - 192.168.0.11

Lo SSH lati olupin 192.168.0.12 lati sopọ olupin 192.168.0.11 ni lilo sheena bi olumulo kan ati ṣẹda itọsọna .ssh labẹ rẹ, ni lilo pipaṣẹ atẹle.

[tecmint@tecmint ~]$ ssh sheena@192.168.0.11 mkdir -p .ssh

The authenticity of host '192.168.0.11 (192.168.0.11)' can't be established.
RSA key fingerprint is 45:0e:28:11:d6:81:62:16:04:3f:db:38:02:la:22:4e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.11' (ECDSA) to the list of known hosts.
sheena@192.168.0.11's password: [Enter Your Password Here]

Igbesẹ 3: Po si Awọn bọtini Gbangba Ti ipilẹṣẹ si - 192.168.0.11

Lo SSH lati olupin 192.168.0.12 ki o gbe bọtini bọtini gbangba ti o ṣẹda (id_rsa.pub) sori olupin 192.168.0.11 labẹ ilana sheena’s .ssh bi orukọ faili ti a fun ni aṣẹ_keys.

[tecmint@tecmint ~]$ cat .ssh/id_rsa.pub | ssh sheena@192.168.0.11 'cat >> .ssh/authorized_keys'

sheena@192.168.1.2's password: [Enter Your Password Here]

Igbesẹ 4: Ṣeto Awọn igbanilaaye lori - 192.168.0.11

Nitori awọn ẹya SSH oriṣiriṣi lori awọn olupin, a nilo lati ṣeto awọn igbanilaaye lori itọsọna .ssh ati faili aṣẹ_keys.

[tecmint@tecmint ~]$ ssh sheena@192.168.0.11 "chmod 700 .ssh; chmod 640 .ssh/authorized_keys"

sheena@192.168.0.11's password: [Enter Your Password Here]

Igbesẹ 5: Buwolu wọle lati 192.168.0.12 si 192.168.0.11 Server laisi Ọrọigbaniwọle

Lati isisiyi lọ o le wọle sinu 192.168.0.11 bi olumulo sheena lati olupin 192.168.0.12 bi olumulo tecmint laisi ọrọ igbaniwọle kan.

[tecmint@tecmint ~]$ ssh sheena@192.168.0.11