一实验环境
MAC 主机上安装Wmware Fusion ,运行了一台Linux主机。 MAC和Fusion之间是桥接模式。 MAC的地址为10.1.195.148, 虚拟机的IP为 10.1.195.193
二 步骤
1 在本地主机生成RSA 公钥和私钥。命令为
ssh-keygen -t rsa
这里选择的加密类型为RSA ,程序会提示你输入口令,这里不输入也可以生成密钥,但是这样安全性没有保障。
pingMacBook-Pro:~ ping$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/ping/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
输入口令后提示生成密钥成功
Your identification has been saved in /Users/ping/.ssh/id_rsa.
Your public key has been saved in /Users/ping/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:V+9pjPA42kncpJrRewzW/bkOltiEWx5543kawvkiNwE ping@pingMacBook-Pro.local
The key's randomart image is:
+---[RSA 2048]----+
| |
| |
| . |
| E.... |
| S o+.*.o |
| +oOX=*.o|
| ..B=BB*+o|
| B.+B+.+o|
| + ++ o+o.|
+----[SHA256]-----+
生成的秘钥默认保存在 ~/.ssh 文件夹里,里面有俩个文件,其中 id_rsa.pub 为公钥, id_rsa 为私钥
2 将公钥上传到远程主机
使用的命令为 ssh-copy-id
pingMacBook-Pro:.ssh ping$ ssh-copy-id ping@10.1.195.148
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/ping/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ping@10.1.195.148's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'ping@10.1.195.148'"
and check to make sure that only the key(s) you wanted were added.
这里会要求输入生成秘钥时候的口令
3 验证
pingMacBook-Pro:.ssh ping$ ssh ping@10.1.195.148
Enter passphrase for key '/Users/ping/.ssh/id_rsa':
Activate the web console with: systemctl enable --now cockpit.socket
Last login: Sun Jan 19 03:25:51 2020 from 10.1.195.193
只要输入口令,就可以登录成功。