ssh-keygen命令用于为ssh生成管理和转换认证密钥
发布时间:2023-07-19 10:11:43 所属栏目:Linux 来源:网络
导读: Linux常用命令ssh-keygen命令用于为“ssh”生成、管理和转换认证密钥,它支持RSA和DSA两种认证密钥,下面为大家分享一下Linux常用命令ssh-keygen命令命令具体使用方法。
Linux常用命令ssh-keygen命令用于为“ssh”生成、管理和转换认证密钥,它支持RSA和DSA两种认证密钥,下面为大家分享一下Linux常用命令ssh-keygen命令命令具体使用方法。 命令格式 语法 ssh-keygen [-q] [-b bits] -t type [-N new_passphrase] [-C comment] [-f output_keyfile] ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile] ssh-keygen -i [-f input_keyfile] ssh-keygen -e [-f input_keyfile] ssh-keygen -y [-f input_keyfile] ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile] ssh-keygen -l [-f input_keyfile] ssh-keygen -B [-f input_keyfile] ssh-keygen -D reader ssh-keygen -F hostname [-f known_hosts_file] ssh-keygen -H [-f known_hosts_file] ssh-keygen -R hostname [-f known_hosts_file] ssh-keygen -U reader [-f input_keyfile] ssh-keygen -r hostname [-f input_keyfile] [-g] ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point] ssh-keygen -T output_file -f input_file [-v] [-a num_trials] [-W generator] 常用选项 -b:指定密钥长度; -e:读取openssh的私钥或者公钥文件; -C:添加注释; -f:指定用来保存密钥的文件名; -i:读取未加密的ssh-v2兼容的私钥/公钥文件,然后在标准输出设备上显示openssh兼容的私钥/公钥; -l:显示公钥文件的指纹数据; -N:提供一个新密语; -P:提供(旧)密语; -q:静默模式; -t:指定要创建的密钥类型。 参考示例 创建一个默认密钥 [root@localhost ~]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:QfclO+AvXZ/O6vGNfzo4P2pftiHRoKG2fgc5p9bvu1o root@localhost.localdomain The key's randomart image is: +---[RSA 2048]----+ | . o . . | | . o o + | | . ..+.. | | ..oooo..| | So..+. o.| | . .= .+ | | . *+ Eo| | . ++oO+=| | .o.+OO%*| +----[SHA256]-----+ [root@localhost ~]# 指定要创建的密钥类型 [root@localhost ~]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/id_rsa already exists. Overwrite (y/n)? y Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:nTaoqOxlG6IQQ2zDTMvSk2EON+4tLrYqPy7IBrstoy4 root@localhost.localdomain The key's randomart image is: +---[RSA 2048]----+ |..= | |*B.+ | |.X* | |+..o o . | |o o . S = | |.+ . . . . . | |*oo = . | |EBo= o | |%@B.. | +----[SHA256]-----+ [root@localhost ~]# 使用-t参数创建一个指定密钥的类型并添加注释 [root@localhost ~]# ssh-keygen -t rsa -C "deng@qq.com" Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/id_rsa already exists. Overwrite (y/n)? y Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:Wx3MWwj36fwhcnb6hjdIIJ3SUggCLcmFq62Earqy2E0 deng@qq.com The key's randomart image is: +---[RSA 2048]----+ | ..*o .. o . | | = .. . * o . | | o + * + | | . + * * | |. o S =.++oo | |.o . o +.+..| |o . E . ..o .| |++ o o.+ | |Oo. . o..| +----[SHA256]-----+ [root@localhost ~]# 读取openssh的私钥或者公钥文件 [root@localhost ~]# ssh-keygen -e Enter file in which the key is (/root/.ssh/id_rsa): ---- BEGIN SSH2 PUBLIC KEY ---- Comment: "2048-bit RSA, converted by root@localhost.localdomain from O" AAAAB3NzaC1yc2EAAAADAQABAAABAQCyQ/iZYPZHH7+4Gcfq259xChnidsf25piKsnRi+o /XZcD0s9QL8oX24OuX5pPQcmfD6Rw6sQCrTy66LrSw2NmPpKc0XdUbXEkLYBN4d3SY+ZLT 3Ot8L6jaDmwgXsBu8lTXzAEWLm+16RXAZAB/27ohi48PfcIDYyeJ1JDpieCJ1/a/KrR9V4 erWVBt/ZE8KoC0MTQlUn7H3oABVS9O6sdY4dYc/T9l33EbqZMc2feYZnuWtrPdrYfz37C+ kzg3ZrDojGXtiWk1p/PG5KoAH6GzuYYIuMtrUTnadRv4wZo29RF+n5Ty8HEeYqSceHWWvw Jjqnpqj9cgeNQvq6E3PJbD ---- END SSH2 PUBLIC KEY ---- [root@localhost ~]# 安静模式生成密钥对 [root@localhost ~]# ssh-keygen -q -t rsa Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/id_rsa already exists. Overwrite (y/n)? y Enter passphrase (empty for no passphrase): Enter same passphrase again: [root@localhost ~]# (编辑:武汉站长网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
推荐文章
站长推荐