Published - 6 years ago ( Updated - 6 years ago )
Programs in the ssh core suite such as scp, ssh, ssh-add, ssh-agent, sshd, and ssh-keygen
This article mainly briefly describes the usage scenarios of ssh-agent and ssh-add.
Before we start, let's take a brief introduction to the purpose of these instructions:
Before we use
It's very simple, just enter the command
After completion, we can add the key to the
When no parameters are used,
When the key has a password, it will ask to enter the password of the key. If multiple key files are provided, it will remember the last set of passwords entered .
Use one (memory password):
So we can add the password to
In this way, we don't need to enter complex key passwords when we connect to the remote host.
We can use -K to memorize the password into the key ring. (The ssh-agent key will be forgotten after rebooting on Mac OS)
Purpose 2 (forwarding and verifying agent connection): Oh, it’s too classical, to put it bluntly, it is cross-host verification.
Client---->ServerA---->ServerB.
For example, Server A cannot log in to Server B, but our Client can log in to both A and B.
We can use
We can view the public key added to ssh-agent through the following command
But it seems troublesome to enable this function every time, so we can also add it to our ssh configuration file.
~/.ssh/config
This article mainly briefly describes the usage scenarios of ssh-agent and ssh-add.
Before we start, let's take a brief introduction to the purpose of these instructions:
| scp | Secure Copy encrypts secure copies between hosts. |
| ssh | The Secure Shell client is used to connect to the server to execute system commands, which can be regarded as encrypted telnet. |
| ssh-add | Add key identification to authentication agents. |
| ssh-agent | When performing public key authentication, the remote host can access and store your private key. |
| sshd | By default it will listen to the Secure Shell server on port 22. |
| ssh-keygen | The ssh key generator can generate public-private key pairs for public key verification of remote hosts. |
ssh-add , let's take a look at the authentication agent (ssh-agent -- authentication agent), how to start him?It's very simple, just enter the command
ssh-agent on the command line.After completion, we can add the key to the
ssh-agent (authentication agent) through the ssh-add command.When no parameters are used,
ssh-add will add ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and ~/.ssh/identity.When the key has a password, it will ask to enter the password of the key. If multiple key files are provided, it will remember the last set of passwords entered .
Use one (memory password):
So we can add the password to
ssh-agent through ssh-add to remember our key password,In this way, we don't need to enter complex key passwords when we connect to the remote host.
We can use -K to memorize the password into the key ring. (The ssh-agent key will be forgotten after rebooting on Mac OS)
Purpose 2 (forwarding and verifying agent connection): Oh, it’s too classical, to put it bluntly, it is cross-host verification.
Client---->ServerA---->ServerB.
For example, Server A cannot log in to Server B, but our Client can log in to both A and B.
We can use
ssh -A ServerA , because of the -A parameter, the forwarding function is enabled, so that we can connect to ServerA and then use our key to connect to ServerB through the forwarding agent.We can view the public key added to ssh-agent through the following command
ssh-add -L .But it seems troublesome to enable this function every time, so we can also add it to our ssh configuration file.
~/.ssh/config
Host ServerA
HostName 35.194.181.21
ForwardAgent yes
No Comment
Post your comment