Author of the article: foochane
Original link: https://foochane.cn/article/2019061601.html
1 ssh-keygen command
ssh-keygenCommand Description:
- -t: Specifies the type of encryption (eg: rea, dsa)
- -C: Specifies a comment for identifying the key
Other parameters can view specific help
$ ssh-keygen help
Too many arguments.
usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa]
[-N new_passphrase] [-C comment] [-f output_keyfile]
ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
ssh-keygen -i [-m key_format] [-f input_keyfile]
ssh-keygen -e [-m key_format] [-f input_keyfile]
ssh-keygen -y [-f input_keyfile]
ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]
ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile]
ssh-keygen -B [-f input_keyfile]
ssh-keygen -F hostname [-f known_hosts_file] [-l]
ssh-keygen -H [-f known_hosts_file]
ssh-keygen -R hostname [-f known_hosts_file]
ssh-keygen -r hostname [-f input_keyfile] [-g]
ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]
ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]
[-j start_line] [-K checkpt] [-W generator]
ssh-keygen -s ca_key -I certificate_identity [-h] [-U]
[-D pkcs11_provider] [-n principals] [-O option]
[-V validity_interval] [-z serial_number] file ...
ssh-keygen -L [-f input_keyfile]
ssh-keygen -A
ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]
file ...
ssh-keygen -Q -f krl_file file ...The actual situation is also less than so many parameters, you can specify the encryption type and comments.
E.g:
$ ssh-keygen -t rsa -C "[email protected]"
Generating public/private rsa key pair.
Enter file in which to save the key (C:\Users\fucheng/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in C:\Users\fucheng/.ssh/id_rsa.
Your public key has been saved in C:\Users\fucheng/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:9OlHGn5uIlELfGIYXdWectiEV5XS2quWpD1qpd2QJC8 [email protected]
The key's randomart image is:
+---[RSA 2048]----+
| . ....o..=|
| . . ..+o |
| +. *+. |
| ..=.oooo=. |
| .S=+.=o. .|
| .o.E * . |
| .+ @ = |
| . .B.B . |
| ..++ . |
+----[SHA256]-----+No password is required under normal circumstances, you can directly enter.
Executing the ssh-keygenfollowing will, under the user directory .sshunder the file, generate a id_rsafile and the id_rsa.pubfile.
id_rsaFile is a private key, to keep it on the local, the private key can produce public, not vice versa.id_rsa.pubFile is the public key, can be used to transmit to other servers, or the git.
2 ssh server settings without password
Prior to the public locally generated id_rsa.pub, is sent to the server requires no password, and then id_rsa.pubthe content is added to the server's ~/.ssh/authorized_keysfile can be.
If you do not .ssh directory, create a good, or perform ssh localhostlog on locally, ssh will be automatically created.
It operates with the following command:
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys Also, if you want no password to log on locally localhost, then the local implementation of the above command can be, and then after the execution ssh localhostdoes not need to enter the password.
3 Set ssh without password access git repository
Note that this visit is mainly private warehouse.
With github, for example, find a personal home page, click [settings], find [SSH and GPG keys], new SSH keys, local id_rsa.pubcopy of the content to the keyinside, tittleyou can easily fill, so configured.
To access the warehouse to find the home page, click on Clone or Downloadwill use Httpbe replaced use SSH, and then will display the corresponding warehouse address such as:[email protected]:uername/xxxxx.git
Use this address can be accessed without a password in the local warehouse.