SSH protocol provides different ways for authentication. Key based authentication is the most secure one. In order to use key based authentication we should store the key in a command place. SSH agents reads keys and uses for authentication with remote system. We can use ssh-add
to store keys in a common path.
SSH协议提供了不同的身份验证方法。 基于密钥的身份验证是最安全的一种。 为了使用基于密钥的身份验证,我们应该将密钥存储在命令位置。 SSH代理读取密钥并用于与远程系统的身份验证。 我们可以使用ssh-add
将密钥存储在公共路径中。
密钥文件 (Key Files)
Public and private keys are store in files according to their algorithm.
公钥和私钥根据其算法存储在文件中。
~/.ssh/identity
holds RSA version 1 identity~/.ssh/identity
持有RSA版本1身份~/.ssh/id_dsa
holds DSA version 2 identity~/.ssh/id_dsa
拥有DSA版本2身份~/.ssh/id_rsa
holds RSA version 2 identity~/.ssh/id_rsa
拥有RSA版本2身份
If identity keys are readable by others they can not used by ssh-add.
如果身份密钥可由其他人读取,则ssh-add无法使用它们。
启动Ssh代理 (Start Ssh Agent)
ssh-agent
is used to read keys for authentication. ssh-agent
works as daemon. We can simply start it like below.
ssh-agent
用于读取密钥以进行身份验证。 ssh-agent
用作守护程序。 我们可以像下面这样简单地启动它。
$ eval `ssh-agent`
![Start Ssh Agent](https://i-blog.csdnimg.cn/blog_migrate/2a644e597016bf98cdc557d45cdb2be3.png)
添加SSH密钥(Add Ssh Key)
We will add ssh keys with the ssh-add
. We will provide the key we want to add. If the key is protected with encryption we need to provide the password. In this example we will add key named mykey
. This key is located in the current working directory but we can also provide absolute path of the key.
我们将使用ssh-add
添加ssh密钥。 我们将提供我们要添加的密钥。 如果密钥受加密保护,我们需要提供密码。 在此示例中,我们将添加名为mykey
密钥。 该密钥位于当前工作目录中,但我们也可以提供该密钥的绝对路径。
$ ssh-add mykey
![Add Ssh Key](https://i-blog.csdnimg.cn/blog_migrate/61f17df22a945848da85448642474699.png)
列出Ssh键(List Ssh Keys)
We can list added ssh keys with the -L
option like below. This will also print the type of the key with the name at the end of the line.
我们可以使用-L
选项列出添加的ssh键,如下所示。 这还将在行的末尾显示键的类型。
$ ssh-add -L
![List Ssh Keys](https://i-blog.csdnimg.cn/blog_migrate/f1a4ee47f42351929d24719fdb26e775.png)
翻译自: https://www.poftut.com/add-ssh-keys-with-ssh-add-in-linux/