Back-end skills: use the ssh config configuration file to manage ssh connections

Get into the habit of writing together! This is the 8th day of my participation in the "Nuggets Daily New Plan · April Update Challenge", click to view the details of the event .

foreword

Basic format of ssh config configuration file

Host   : hostName的别名
HostName： 是目标主机的主机名，也就是平时我们使用ssh后面跟的地址名称。
Port：指定的端口号。
User：指定的登陆用户名。
IdentifyFile：指定的私钥地址。
复制代码

Mac uses ~/.ssh config to configure GitHub SSH keys: https://kunnan.blog.csdn.net/article/details/78234772

I use the ssh config configuration file to manage ssh connections

1.1 Example

# Private 192.168.2.125
Host iPhone
HostName  192.168.2.125
User root 
IdentityFile ~/.ssh/id_rsa_Theos125

# Private gitlab.v6h5.
Host gitlab.v6h5.cn
HostName  gitlab.v6h5.
User git
IdentityFile ~/.ssh/id_rsa_qinbaowan
复制代码

1.2 Notes

• Be sure to remember to configure Host, otherwise other connections will not be able to connect: `Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

`

$ ssh iPhone
[email protected]'s password: 
iPhone:~ root# 

复制代码

• 将公钥传送到远程主机host上面ssh-copy-id remember to specify the authentication file

ssh-copy-id -i id_rsa_Theos125 [email protected]

复制代码

II Permission Settings for Private Key File

common problem:Permissions 0640 for '/Users/mac/.ssh/qctmac_id_rsa' are too open.

The file cannot be accessed by others, as long as the read permission of the group to which it belongs and others are canceled.

➜  .ssh chmod 600 qctmac_id_rsa
➜  .ssh chmod 644 qctmac_id_rsa.pub

-rw-r--r--@ 1 mac  staff   742  4  7 18:03 qctmac_id_rsa.pub
-rw-------@ 1 mac  staff  3434  4  7 18:03 qctmac_id_rsa

复制代码

III Prerequisites: SSH connection without password

1. Create rsa:ssh-keygen -t rsa -b 4096 -C "[email protected]"

2. Configure config:➜ .ssh touch config

3. Use pbcopy or ssh-copy-id to copy the public key to the corresponding remote server

➜ .ssh pbcopy < ~/.ssh/qctmac_id_rsa.pub

Use ssh-copy-id for reporting

ssh-copy-id: Do not leak the private key! Just copy the public key (*.pub file) to the remote server;

`$ ssh-copy-id -i ~/.ssh/id_rsa_Theos125 [email protected]

`(IP+default port here copies the public key, if the private key is specified ssh-copy-id will find the public key by itself.)

If it is configured on a company Mac, remember to set a password and remove the ~/.ssh/ directory when changing Macs xx_id_rsa/xx_id_rsa.pub.

kunnan.blog.csdn.net/article/det…

3.1 Create rsa

ssh-keygen -t rsa -b 4096 -C "[email protected]"

3.2 Configuring ssh config

config file syntax

Host  别名
HostName： 是目标主机的主机名，也就是平时我们使用ssh后面跟的地址名称。
Port：指定的端口号。
User：指定的登陆用户名。
IdentifyFile：指定的私钥地址。
复制代码

# Private 192.168.2.125
Host iphone
HostName  192.168.2.125
User root 
IdentityFile ~/.ssh/id_rsa_Theos125

# Private github
Host github.com
HostName  github.com
User git
IdentityFile ~/.ssh/id_rsa

# git clone [email protected]:u011018979/resume.git

Host codechina.csdn.net
HostName  codechina.csdn.net
User git
IdentityFile ~/.ssh/qctmac_id_rsa

复制代码

3.3 Test the connection

➜  csdn ssh -T [email protected]       
Enter passphrase for key '/Users/mac/.ssh/qctmac_id_rsa': 
Welcome to GitLab, @u011018979!


复制代码

Connect iPhone

$ ssh iPhone
[email protected]'s password: 
iPhone:~ root# 



复制代码

3.4 Case: Configuring GitHub SSH keys

Enter ls -al ~/.ssh to see if existing SSH keys are present:

If you don't have an existing public and private key pair, or don't wish to use any that are available to connect to GitHub, then generate a new SSH key.

ssh-keygen -t rsa -b 4096 -C "[email protected]"

Add the corresponding public key to the corresponding remote server: .ssh pbcopy < ~/.ssh/qctmac_id_rsa.pub

Configure email and username: git config --global --edit

Modify author : git commit --amend --reset-author

Effect

see also

SSH principle and application (1): remote login