CentOS (rsa & dsa) 公钥与密钥的使用

1，基本环境

系统版本

[centospub@davidserver ~]$ cat /etc/issue;uname -a
CentOS release 6.3 (Final)
Kernel \r on an \m

Linux davidserver 2.6.32-279.el6.x86_64 #1 SMP Fri Jun 22 12:19:21 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

用户
centospub:x:502:502::/home/centospub:/bin/bash

密码
centospub

管理机
10.0.0.9

被管理机
10.0.0.10

2，管理机生成公钥和密钥

[centospub@davidserver ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/centospub/.ssh/id_dsa):
Created directory '/home/centospub/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again: 
Your identification has been saved in /home/centospub/.ssh/id_dsa.
Your public key has been saved in /home/centospub/.ssh/id_dsa.pub.
The key fingerprint is:
19:e8:fd:c8:01:32:da:a3:18:de:7e:83:c4:2d:f2:7f centospub@davidserver

文件修改

[centospub@davidserver ~]$ cd .ssh/
[centospub@davidserver .ssh]$ ls
id_rsa.pub id_rsa
[centospub@davidserver .ssh]$ mv id_rsa.pub authorized_keys  
[centospub@davidserver .ssh]$ chmod 400 authorized_keys  

3，将公钥传到被管理机

[centospub@davidserver .ssh]$ scp authorized_keys centospub@10.0.0.10:/home/centospub/.ssh
The authenticity of host '10.0.0.10 (10.0.0.10)' can't be established.
RSA key fingerprint is 6e:49:32:73:8d:40:4e:f2:ee:dc:48:fb:3e:37:a3:b8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.10' (RSA) to the list of known hosts.
shuqing@10.0.0.10's password: 
id_dsa.pub                       100%  602     0.16KB/s   00:00

4，管理机通过公钥连被管理机

[centospub@davidserver ]$ ssh centospub@10.0.0.10

指定私钥

[centospub@davidserver ]$ ssh centospub@10.0.0.10 -i .ssh/id_dsa.it.20120915