[Linux] SSH key login
http://ehostidc.co.kr/center/EH050402.php?no=141573&page=6&choose=tit¡¦ (398)http://ehostidc.co.kr/cld/EH020201.php?ke=0 (373)
SSH key login 설정법
A. 주사용처
서버 백업
서버간 데이터 동기화시 rsync 이용시
kt cloud / AWS cloud 로그인시
B. 설정 방법
1. 클라이언트 서버에서 ssh-keygen
root@control:/home/user# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:gzcO5QMV6N1NVHZKaxXLXd0z6SzNXeV/V3JoLipAs98 root@control
The key"s randomart image is:
+---[RSA 2048]----+
| .o. ...+.@|
| .. .o.@B|
| .+... o %oX|
| ..B. . .= B+|
| = S . o +|
| * = . . o|
| + E |
| . |
| |
+----[SHA256]-----+
2. key 확인
root@control:/home/user# ll /root/.ssh/
total 20
drwx------ 2 root root 4096 Jul 16 20:41 ./
drwx------ 4 root root 4096 Jul 13 04:05 ../
-rw------- 1 root root 1675 Jul 16 20:41 id_rsa
-rw-r--r-- 1 root root 394 Jul 16 20:41 id_rsa.pub
-rw-r--r-- 1 root root 222 Jul 3 03:13 known_hosts
3. 원격 서버로 key 복사
root@control:/home/user# scp $HOME/.ssh/id_rsa.pub user@com1:id_rsa.pub
assword:
id_rsa.pub# 키 파일 내용 복사
# authorized_keys 파일은 /etc/ssh/sshd_config 에서 확인 필요. authorized_keys2 인 경우도 있음.
root@com1:/home/user# cat $HOME/id_rsa.pub >> $HOME/.ssh/authorized_keys
root@com1:/home/user# chmod 600 $HOME/.ssh/authorized_keys
4. 원격 서버 로그인
root@control:/home/user# ssh root@com1
Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-31-generic x86_64)* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage20 packages can be updated.
4 updates are security updates.
*** System restart required ***
C. 체크 사항
1. centos 7 : authorized_keys2
2. ubuntu 16.04 : authorized_keys
3.authorized_keys(2) 파일의 권한이 600이 아니거나, 사용자가 틀릴경우 로그인 안됨.