Configuring key-based SSH login under SSH2

[Unspecified 2010/05/06 11:19 | by ipaddr ]
This differs somewhat from OpenSSH, as follows:
User configuration in SSH2 is smarter than in SSH1. Public keys are now stored in separate files, and one can have multiple host-specific identifications (i.e., private keys). Read the ssh manual page for details. Here I describe the most basic usage of SSH2. When you want to log in to a remote host (Remote) from a local computer (Local) using SSH2, do the following:
   
        1. Create private & public keys of Local, by executing
           ssh-keygen (ssh-keygen2) on Local.

            Local> ssh-keygen
            Generating 1024-bit dsa key pair
            9 o.oOo..oOo.o
            Key generated.
            1024-bit dsa, created by ymmt@Local Wed Sep 23 07:11:02 1998
            Passphrase :
            Again :
            Private key saved to /home/ymmt/.ssh2/id_dsa_1024_a
            Public key saved to /home/ymmt/.ssh2/id_dsa_1024_a.pub

        ssh-keygen will ask you for a passphrase for the new key. Enter a
        sequence of ordinary characters (white space is OK) of proper
        length (20 characters or so). ssh-keygen creates a ".ssh2"
        directory in your home directory and stores the new
        authentication key in two separate files. One is your private
        key, which must NOT be readable by anyone but you. In the above
        example, it is id_dsa_1024_a. The other (id_dsa_1024_a.pub) is
        the public key, which is safe to disclose and to distribute
        to other computers.
       
        2. Create an "identification" file in your ".ssh2" directory on Local.

            Local> cd ~/.ssh2
            Local> echo "IdKey id_dsa_1024_a" > identification

        This creates a file "identification" in your ".ssh2" directory with a single line that names the file containing your identification. An identification corresponds to a passphrase (see above). You can create multiple identifications by running ssh-keygen again, but you should rarely need to.
       
        3. Do the same thing (1, and optionally 2) on Remote.

        This is needed just to set up the ".ssh2" directory on Remote. The passphrase may be different.
       
        4. Copy your public key of Local (id_dsa_1024_a.pub) to ".ssh2"
        directory of Remote under the name, say, "Local.pub".

        ".ssh2" on Remote now contains:

            Remote> ls -F ~/.ssh2
            Local.pub
            authorization
            hostkeys/
            id_dsa_1024_a
            id_dsa_1024_a.pub
            identification
            random_seed
       
        5. Create an "authorization" file in your ".ssh2" directory on Remote. Add the following line to "authorization":

            Key Local.pub

        This directs the SSH server to consult Local.pub when authorizing your login. If you want to log in to Remote from other hosts, create keys on those hosts (steps 1 and 2) and repeat steps 4 and 5 on Remote.
       
        6. Now you can log in to Remote from Local using SSH2!

        Try to log in:

            Local> ssh Remote
            Passphrase for key "/home/ymmt/.ssh2/id_dsa1024_a" with
            comment "1024-bit dsa, created by ymmt@Local Mon Sep 21
            17:53:01 1998":

        Enter your passphrase on Local. Good luck!
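
A check for the layout built in steps 1 to 5, as an added example that is not part of the original guide: it reads the "IdKey" and "Key" lines and reports private keys readable by group or other, an "authorization" file writable by group or other, and named key files that are missing. The function names, the finding labels and the sample directory are assumptions made for this example.

```sh
#!/bin/sh
# Added example: audit an SSH2-style key directory such as ~/.ssh2.
# Assumption: only the "IdKey <file>" and "Key <file>" line formats shown above.

# Octal permission bits of a file: GNU stat first, BSD stat as fallback.
file_mode() { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }

# Print one finding per line; return 0 only when there are no findings.
audit_ssh2() {
    dir=$1; bad=0
    [ -d "$dir" ] || { echo "NO-DIR $dir"; return 1; }
    # Private keys named by IdKey must exist and be closed to group and other.
    if [ -f "$dir/identification" ]; then
        while read -r kw name rest || [ -n "$kw" ]; do
            [ "$kw" = IdKey ] || continue
            if [ ! -f "$dir/$name" ]; then
                echo "MISSING-PRIVATE $name"; bad=1; continue
            fi
            case $(file_mode "$dir/$name") in
                *00|0) ;;
                *) echo "EXPOSED-PRIVATE $name"; bad=1 ;;
            esac
        done < "$dir/identification"
    fi
    # The authorization list must not be writable by group or other (anyone who
    # can write it can authorize a key), and each Key file it names must exist.
    if [ -f "$dir/authorization" ]; then
        case $(file_mode "$dir/authorization") in
            *[2367]|*[2367]?) echo "WRITABLE authorization"; bad=1 ;;
        esac
        while read -r kw name rest || [ -n "$kw" ]; do
            [ "$kw" = Key ] || continue
            [ -f "$dir/$name" ] || { echo "MISSING-PUBLIC $name"; bad=1; }
        done < "$dir/authorization"
    fi
    [ "$bad" -eq 0 ]
}

# Constructed sample: a throwaway directory with one over-exposed private key.
demo=$(mktemp -d)
printf 'IdKey id_dsa_1024_a\n' > "$demo/identification"
printf 'Key Local.pub\n' > "$demo/authorization"
: > "$demo/id_dsa_1024_a"; chmod 644 "$demo/id_dsa_1024_a"
chmod 600 "$demo/authorization"
audit_ssh2 "$demo" || echo "findings above need fixing"
rm -rf "$demo"
```

To audit a real account, call audit_ssh2 "$HOME/.ssh2" in place of the constructed sample.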