windows ssh密钥_如何通过Windows从密钥转发进行SSH Hop

windows ssh密钥

windows ssh密钥

Do you have the need to work with SSH keys from Windows and you find that this becomes a hassle very quickly? HTG goes into how to make the process as transparent as possible, using The PuTTY package suite.

您是否需要使用Windows的SSH密钥,并且发现这很快变得很麻烦? HTG使用PuTTY软件包套件研究如何使过程尽可能透明。

Image by kaneda99.

图片由kaneda99提供

总览 (Overview)

In this guide we’ll explain how to SSH to a Linux machine from Windows with your public key, using Putty & Winscp. In addition, we will enable the forwarding option. This will allow you to continue to jump from the machine you’ve connected to with your key, to another machine that supports SSHing with keys. We will not go into how to put your public key on the Linux machine, as we have already covered this topic.

在本指南中,我们将说明如何使用Putty&Winscp使用公用密钥从Windows SSH到Linux计算机。 此外,我们将启用转发选项。 这样一来,您就可以继续从使用密钥连接的计算机跳到另一台支持使用密钥进行SSH加密的计算机。 因为我们已经讨论了这个主题,所以我们不会讨论如何将您的公钥放置在Linux机器上。

Install basic programs/packages

安装基本程序/软件包

  • Obtain the PuTTY package (not just the executable) and install it.

    获取PuTTY软件包(不仅仅是可执行文件)并安装。

  • Optionally obtain the programs WinSCP and mRemote, and install them.

    (可选)获取程序WinSCPmRemote ,然后安装它们。

生成密钥对 (Generate a Key pair )

If you haven’t created a key pair yet, and you want to do it from the comfort of your Windows desktop, you can use “PuTTY Key Generator” which was installed as part of the “PuTTY package“:

如果尚未创建密钥对,并且想要在Windows桌面上舒适地使用它,则可以使用作为“ PuTTY软件包”的一部分安装的“ PuTTY密钥生成器”:

  • Open “PuTTY Key Generator” by going into “Start” -> “PuTTY” -> “PuTTYgen”

    进入“开始”->“ PuTTY”->“ PuTTYgen”,打开“ PuTTY Key Generator”
  • While not required, it is recommended that you change the length of your key from the default 1024. Change the number of “bits” at the bottom from “1024” to “4096”.

    虽然不是必需的,但建议您将密钥的长度从默认的1024更改。将底部的“位数”数量从“ 1024”更改为“ 4096”。
  • Click “Generate” and move your mouse around randomly until the bar reaches 100%. This “salts” your key, so try to make your mouse movements as random as possible.

    单击“生成”,然后随机移动鼠标,直到条达到100%。 这会“盐化”您的按键,因此请尝试使鼠标的移动尽可能随机。

  • Once the program is done generating the key,

    程序生成密钥后,
  • On the “Key Comment” line, change it to be something more useful like your name. For example:

    在“关键评论”行上,将其更改为更有用的名称,例如您的名字。 例如:

  • While not required, it is highly recommended that you set a passphrase on the private key. This will protect your private key in case some one gains access to it and you will only be bothered with entering once at machine boot up, if you perform all the steps in the guide.

    虽然不是必需的,但强烈建议您在私钥上设置密码。 如果您执行了本指南中的所有步骤,这将保护您的私钥,以防万一有人可以访问它,并且只有在计算机启动时才输入一次即可。
  • Click on “Save private key”.

    点击“保存私钥”。
Note: If you already have a saved private key, you can “extract” the public portion by “load”ing it with the generator.
注意:如果您已经有保存的私钥,则可以通过将生成器“加载”到公共部分来“提取”公共部分。

配置关键军需官 (Configuring the Key-quartermaster)

The “Pageant” program that was installed as part of the PuTTY package, can store your key/s and give them to mRemote, WinSCP and PuTTY as required.

作为PuTTY软件包的一部分安装的“ Pageant”程序可以存储您的密钥,并根据需要将其提供给mRemote,WinSCP和PuTTY。

  • Open “Pageant” from the start menu. (Note: it may run off to the system tray)

    从开始菜单中打开“选美”。 (注意:它可能会流到系统托盘上)

  • If it has run off to the system tray, double click it, to bring up the main window.

    如果它已经流到系统托盘,请双击它以打开主窗口。
  • Click “Add Key” and give it your saved Key Pair.

    单击“添加密钥”,然后将其保存为密钥对

  • If need be, provide the passphrase.

    如果需要,请提供密码。

Done, from now on, Putty, WinSCP and any program that serves as a fronted for them (like mRemote) will first consult with the Pageant program if there is a key to use for the connection.

从现在开始,Putty,WinSCP和充当它们前端的任何程序(如mRemote)将首先与Pageant程序进行协商(如果有用于连接的密钥)。

Loading Keys automatically at startup (Optional)

启动时自动加载密钥(可选)

The process above needs to be repeated after every machine reboot, as Pageant doesn’t save loaded key configurations. To have it load the configuration automatically at startup, you can use one of the two methods below:

每次重新启动计算机后,都需要重复上述过程,因为Pageant不会保存已加载的密钥配置。 要使其在启动时自动加载配置,可以使用以下两种方法之一:

  1. Assuming you’ve allowed Pageant to take over the ppk suffix, you should be able to simply add the key files to the Windows “startup” folder.

    假设您已允许Pageant接管ppk后缀,则应该只需将密钥文件添加到Windows“启动”文件夹中即可。
  2. Create a shortcut to the program that passes the key-files as parameters.  For example, the “Target” command for two(2) keys would look like:

    创建一个将密钥文件作为参数传递的程序的快捷方式。 例如,用于两(2)个键的“目标”命令如下所示:

    “C:\Program Files (x86)\PuTTY\pageant.exe” “C:\Users\AviadR\Documents\aviad’s 4096.ppk”  “C:\Users\AviadR\Documents\aviad’s 1024.ppk

    “ C:\ Program Files(x86)\ PuTTY \ pageant.exe”“ C:\ Users \ AviadR \ Documents \ aviad的4096.ppk”“ C:\ Users \ AviadR \ Documents \ aviad的1024.ppk

  • Then, add this shortcut to window’s startup.

    然后,将此快捷方式添加到window的启动中。

Enable SSH Agent forwarding (PuTTY/mRemote)

启用S​​SH代理转发(PuTTY / mRemote)

This configuration is optional, but doing it will allow you once you’ve SSHed into a machine to continue and SSH from it, to the next machine, with the same key. To do this:

此配置是可选的,但是这样做可以使您在SSH进入一台计算机后继续操作,并使用相同的密钥从SSH到下一台计算机。 去做这个:

  • Open PuTTY.

    打开腻子。
  • Under “Connection” -> “SSH” -> “Auth”.

    在“连接”->“ SSH”->“身份验证”下。
  • Check the “Allow agent forwarding”.

    检查“允许代理转发”。

  • Go back to “Session”

    返回“会话”
  • Select the “Default Settings” entry.

    选择“默认设置”条目。
  • Click on “Save”.

    点击“保存”。

  • Done.

    做完了

Enable SSH Agent forwarding (WinSCP)

启用S​​SH代理转发(WinSCP)

  • In a WinSCP new connection tab, Enable the Advance options checkbox.

    在WinSCP的新连接选项卡中,启用高级选项复选框。
  • Go to the “SSH” -> “Authentication”.

    转到“ SSH”->“身份验证”。
  • Check the “Allow agent forwarding” checkbox.

    选中“允许代理转发”复选框。

  • Go to the “General Options” by clicking on “Preferences” -> “Preferences”.

    通过单击“首选项”->“首选项”转到“常规选项”。

  • Enable Putty to be invoked with the  forwarding option by going into “Integration” -> “Application” and appending the “-A” CLI option.

    通过进入“集成”->“应用程序”并附加“ -A” CLI选项,启用使用转发选项调用Putty的功能。

  • You can now make this the template for subsequent connections by going back to “Session” and typing in, the basic information that you know will be uniform across all connections (if any), like Username, IP, Etc’. Then “save” the session.

    现在,您可以返回“会话”并输入,从而将其作为后续连接的模板,您所知道的基本信息将在所有连接(如果有)中统一,例如用户名,IP,等等。 然后“保存”会话。
Author’s Notes 作者笔记
Ubuntu’s bug #1 “Microsoft has a majority desktop market share”, still holds true. maybe one day we’ll move to the Linux desktop completely, but that day will not be today and not for the Ubuntu的错误#1 “微软在台式机市场上占有多数”仍然成立。 也许有一天,我们将完全迁移到Linux桌面,但今天不是今天,也不是 35 year old shell. 35岁的Shell


Spike: So i guess i served my time and i’m free to go?
SoundWave: Free to go, to Cybertron…

Spike:所以我想我已经尽职了,我有空吗? SoundWave:可以自由去塞伯坦…

翻译自: https://www.howtogeek.com/125364/how-to-ssh-hop-with-key-forwarding-from-windows/

windows ssh密钥

  • 0
    点赞
  • 0
    评论
  • 1
    收藏
  • 扫一扫,分享海报

表情包
插入表情
评论将由博主筛选后显示,对所有人可见 | 还能输入1000个字符
©️2022 CSDN 皮肤主题:大白 设计师:CSDN官方博客 返回首页
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、C币套餐、付费专栏及课程。

余额充值