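I recently started using RSA key pairs to log in to the various servers I manage, and I would like to understand the best practices, since I have run into some problems recently.
Is it best practice to keep only one RSA key locally and register that same key with every server I log in to? I recently tried to add a new server that I need access to, and the key does not work properly with it.
Thanks in advance.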
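I'm not sure whether it is "standard", but if you want to use multiple keys, you need to specify which one to use, either on the command line or in the ~/.ssh/config file. From the OpenSSH man page: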
-i identity_file
    Selects a file from which the identity (private key) for public key authentication is read. The default is ~/.ssh/identity for protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa and ~/.ssh/id_rsa for protocol version 2. Identity files may also be specified on a per-host basis in the configuration file. It is possible to have multiple -i options (and multiple identities specified in configuration files). ssh will also try to load certificate information from the filename obtained by appending -cert.pub to identity filenames.
Example configuration entry:
host remote.host.example.com
    IdentityFile ~/tmp/example_rsa
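To see which keys a multi-key configuration like the one above selects for a given host, here is a simplified model of the lookup, as an added example that is not part of the original answer and not OpenSSH's own code. Every host name and key path other than the `remote.host.example.com` entry, the `IdentitiesOnly` line and the function names are assumptions made for illustration.

```python
"""Simplified model of how ssh picks IdentityFile entries from a config file."""
from fnmatch import fnmatchcase

# Constructed sample config; only the first Host entry comes from the answer above.
SAMPLE_CONFIG = """\
Host remote.host.example.com
    IdentityFile ~/tmp/example_rsa
    IdentitiesOnly yes

Host *.lab.example.com !jump.lab.example.com
    IdentityFile ~/.ssh/lab_rsa

Host *
    IdentityFile ~/.ssh/id_rsa
"""

def host_block_matches(patterns, host):
    """A matching negated pattern vetoes the block; otherwise any positive match selects it."""
    host, matched = host.lower(), False
    for pat in patterns:
        if fnmatchcase(host, pat.lstrip("!").lower()):
            if pat.startswith("!"):
                return False
            matched = True
    return matched

def resolve_identities(config_text, host):
    """Return (identity_files, identities_only) that apply to `host`."""
    identities, identities_only, active = [], None, True
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, value = (line.split(None, 1) + [""])[:2]
        keyword, value = keyword.lower(), value.strip()
        if keyword == "host":
            active = host_block_matches(value.split(), host)
        elif not active:
            continue
        elif keyword == "identityfile":
            identities.append(value)  # IdentityFile accumulates across matching blocks
        elif keyword == "identitiesonly" and identities_only is None:
            identities_only = value.lower() == "yes"  # first value obtained wins
    return identities, bool(identities_only)

if __name__ == "__main__":
    for h in ("remote.host.example.com", "db1.lab.example.com", "jump.lab.example.com"):
        print(h, resolve_identities(SAMPLE_CONFIG, h))
```

On a real system, `ssh -G hostname` prints the values ssh itself resolves for a host, which is the authoritative check.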