Author of the article: foochane
Original link: https://foochane.cn/article/2019061601.html
1 ssh-keygen command
ssh-keygen
Command Description:
- -t: Specifies the type of encryption (eg: rea, dsa)
- -C: Specifies a comment for identifying the key
Other parameters can view specific help
$ ssh-keygen help
Too many arguments.
usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa]
[-N new_passphrase] [-C comment] [-f output_keyfile]
ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
ssh-keygen -i [-m key_format] [-f input_keyfile]
ssh-keygen -e [-m key_format] [-f input_keyfile]
ssh-keygen -y [-f input_keyfile]
ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]
ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile]
ssh-keygen -B [-f input_keyfile]
ssh-keygen -F hostname [-f known_hosts_file] [-l]
ssh-keygen -H [-f known_hosts_file]
ssh-keygen -R hostname [-f known_hosts_file]
ssh-keygen -r hostname [-f input_keyfile] [-g]
ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]
ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]
[-j start_line] [-K checkpt] [-W generator]
ssh-keygen -s ca_key -I certificate_identity [-h] [-U]
[-D pkcs11_provider] [-n principals] [-O option]
[-V validity_interval] [-z serial_number] file ...
ssh-keygen -L [-f input_keyfile]
ssh-keygen -A
ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]
file ...
ssh-keygen -Q -f krl_file file ...
The actual situation is also less than so many parameters, you can specify the encryption type and comments.
E.g:
$ ssh-keygen -t rsa -C "[email protected]"
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\fucheng/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\fucheng/.ssh/id_rsa.
Your public key has been saved in C:\Users\fucheng/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:9OlHGn5uIlELfGIYXdWectiEV5XS2quWpD1qpd2QJC8 [email protected]
The key's randomart image is:
+---[RSA 2048]----+
| . ....o..=|
| . . ..+o |
| +. *+. |
| ..=.oooo=. |
| .S=+.=o. .|
| .o.E * . |
| .+ @ = |
| . .B.B . |
| ..++ . |
+----[SHA256]-----+
No password is required under normal circumstances, you can directly enter.
Executing the ssh-keygen
following will, under the user directory .ssh
under the file, generate a id_rsa
file and the id_rsa.pub
file.
id_rsa
File is a private key, to keep it on the local, the private key can produce public, not vice versa.id_rsa.pub
File is the public key, can be used to transmit to other servers, or the git.
2 ssh server settings without password
Prior to the public locally generated id_rsa.pub
, is sent to the server requires no password, and then id_rsa.pub
the content is added to the server's ~/.ssh/authorized_keys
file can be.
If you do not .ssh directory, create a good, or perform ssh localhost
log on locally, ssh will be automatically created.
It operates with the following command:
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
Also, if you want no password to log on locally localhost, then the local implementation of the above command can be, and then after the execution ssh localhost
does not need to enter the password.
3 Set ssh without password access git repository
Note that this visit is mainly private warehouse.
With github
, for example, find a personal home page, click [settings]
, find [SSH and GPG keys]
, new SSH keys
, local id_rsa.pub
copy of the content to the key
inside, tittle
you can easily fill, so configured.
To access the warehouse to find the home page, click on Clone or Download
will use Http
be replaced use SSH
, and then will display the corresponding warehouse address such as:[email protected]:uername/xxxxx.git
Use this address can be accessed without a password in the local warehouse.