首先用apt-get命令安装SSH
jerry@ubuntu:~$ sudo apt-get install ssh
[sudo] password for jerry:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
libck-connector0 ncurses-term openssh-server openssh-sftp-server
ssh-import-id
Suggested packages:
rssh molly-guard monkeysphere
The following NEW packages will be installed:
libck-connector0 ncurses-term openssh-server openssh-sftp-server ssh
ssh-import-id
upgraded, newly installed, to remove and not upgraded.
Need to get kB of archives.
After this operation, , kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get: http://us.archive.ubuntu.com/ubuntu/ trusty/main libck-connector0 amd64 0.4.5-3.1ubuntu2 [10.5 kB]
Get: http://us.archive.ubuntu.com/ubuntu/ trusty/main ncurses-term all 5.9+20140118-1ubuntu1 [243 kB]
Get: http://us.archive.ubuntu.com/ubuntu/ trusty-updates/main openssh-sftp-server amd64 1:6.6p1-2ubuntu2.3 [34.1 kB]
查找下用户目录下有没有.ssh文件夹。这个文件夹本身是个隐藏文件夹。安装SSH的时候应该默认会在安装用户的个人目录下创建改文件,如果没有就自己手动创建一个。至于它是用来干嘛的?SSH使用的是公钥加密。这个文件夹就是用来存放公钥和私钥两个文件的文件夹。
jerry@ubuntu:~$ ls -a -d .ssh ~
ls: cannot access .ssh: No such file or directory
/home/jerry
jerry@ubuntu:~$ mkdir ~/.ssh
jerry@ubuntu:~$ ls -a -d .ssh ~
/home/jerry .ssh
jerry@ubuntu:~$
接下来就是生成密钥了。这里用ssh_keygen命令生成密钥。-t表示加密类型,ssh支持rsa(目前流行的公钥加密算法)/dsa(digital signature algorithm数字签名算法)。-f表示公钥和私钥文件保存的路径。可以看到.ssh文件夹下生成了id_dsa(私钥)和id_dsa.pub(公钥)两个文件。
jerry@ubuntu:~$ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa
Generating public/private dsa key pair.
Your identification has been saved in /home/jerry/.ssh/id_dsa.
Your public key has been saved in /home/jerry/.ssh/id_dsa.pub.
The key fingerprint is:
e8:::7d:ae:::::2f:::5d:b0:b3: jerry@ubuntu
The key's randomart image is:
+--[ DSA ]----+
| o.o. .. |
| . o. .. |
| E. . .o.|
| . =. + .+|
| . S.. + o o|
| . . . . = |
| . . . o|
| . o |
| . |
+-----------------+
jerry@ubuntu:~$ ls -a ~/.ssh/
. .. id_dsa id_dsa.pub
jerry@ubuntu:~$
添加公钥到认证的公钥证书列表中
jerry@ubuntu:~$ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
jerry@ubuntu:~$
尝试用SSH连接本地服务器
jerry@ubuntu:~$ ssh localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is da:b7:c3:2a:ea:a2::4c:c3:c1::ca:0e:c2:ea:.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 14.04. LTS (GNU/Linux 3.19.--generic x86_64) * Documentation: https://help.ubuntu.com/ The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law. jerry@ubuntu:~$
有用的链接:
ssh: connect to host h2 port 22: No route to host
ssh登录 The authenticity of host 192.168.0.xxx can't be established. 的问题