Linux Administration Cookbook
上QQ阅读APP看书,第一时间看更新
上一章目录下一章

The authorized_keys file

When you connect to your remote host, SSH validates the key ID you're providing against a list of authorized_keys.

In our example, we used the ssh-copy-id command to place our key on the remote server. What this actually does is put it in a specific file of the home user you're connecting to.

On our centos2 host, we can find this file in the user's home directory, under .ssh:

[vagrant@centos2 ~]$ pwd
/home/vagrant
[vagrant@centos2 ~]$ ls .ssh/
authorized_keys

Looking inside this file reveals the following:

[vagrant@centos2 ~]$ cat .ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNkm9JCaRa/5gunzDZ8xO2/xwRvUx03pITH6f4aYziY/j+7o39XnmNyLRVpvh16u9W75ANJeFpBD7lkevluvaFVRQnZGAhuIdGqLHBlGDnVzkzcQGUFc/fcAc9rDAFGa0h7+BF18P0jpOMXfHQu8+7+cBjJ6cW+ztKerG2ali/JLtSHFirXaVTkOKYkwYVfK7z7nmdMsSzgEOsfg5XrylI+ufhGdgWCKtweHsBeAVWjBBbvNaIwgdRVpB1YmLkLgLN7NxRs53OuejwArLS6tvNS+ZBDiSX+was9gErrhGhZ1mdiOMbd3/oTfFEcOiRNOv/+7Tk4P8fJbnO1dzM8Gid vagrant
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwR6+SAohzU9f1SAha634StlJaBGIZ+k5Rb6T6L4VqxHIfRwCV+uciXbkTg8+lxiP8whGYEiDxfPveqW1xf87JYlWTT3ZT3gd3pfxY1+IgRB7j5Ttd2RBCMeMYB9VJWLqib6K9oeHJyGzM39aJqE2AzxKxc+rXeXT16RlFxs7nDZwS9xV7Dai9LB/Jez0pT8pLFVD/QRsGw0uMjMMSjmKqxPrDpHzZ3OUymB5AdyVfts4JTZINSrWdejPR8G93pzH4S8ZYijhgpOnSuoyGhMnwAjwOJyNkkFOT1rKCuzpW33hr2c1pJSBPZTAx2/ZvB1He2/UweBF2VeQpSruQB7tXkQMeXSQBpe+/zMqOLD82vake3M8mqNpFJoVG3afr9RcCXtqn7cF3fDEqj7nNk0Em6/9akO2/tK5KInWhyOjKdV41ntB6IVPGJWOUBmnvf9HVpOMa8rxeb3KpBqnn6z70rjMTKqHmAQ5BeCuVSezTl4xAUP940PbkHSm0mDeWYMi2AgbofKDGBmH/GGUn3QeahhiLTXGzbIHszbXJdJ5dn30oWAPovW/gc0CeeHgUV7IwJ6wxVIz8jYKpjtDtIPYDs+RJMrWo8qPnhHWxA6HVp42eUylh7eazPUzitfZ2SBQHe3ShbBHTh2wHcLcRoVgSMrMJmfQ7Ibad5ZiWepobJw== Example RSA Key
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGnqP8zTx50SwjP+Fe26RdDx2W3/TQ+0ET8ylxfFB+a Example Ed25519 key

Here, we can see three keys, over three lines.

The first key is as follows:

[vagrant@centos2 ~]$ cat .ssh/authorized_keys | head -n1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNkm9JCaRa/5gunzDZ8xO2/xwRvUx03pITH6f4aYziY/j+7o39XnmNyLRVpvh16u9W75ANJeFpBD7lkevluvaFVRQnZGAhuIdGqLHBlGDnVzkzcQGUFc/fcAc9rDAFGa0h7+BF18P0jpOMXfHQu8+7+cBjJ6cW+ztKerG2ali/JLtSHFirXaVTkOKYkwYVfK7z7nmdMsSzgEOsfg5XrylI+ufhGdgWCKtweHsBeAVWjBBbvNaIwgdRVpB1YmLkLgLN7NxRs53OuejwArLS6tvNS+ZBDiSX+was9gErrhGhZ1mdiOMbd3/oTfFEcOiRNOv/+7Tk4P8fJbnO1dzM8Gid vagrant

This is the key that Vagrant uses to connect to the VMs. It's not one we created.

The second is as follows:

[vagrant@centos2 ~]$ cat .ssh/authorized_keys | head -n2 | tail -n1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwR6+SAohzU9f1SAha634StlJaBGIZ+k5Rb6T6L4VqxHIfRwCV+uciXbkTg8+lxiP8whGYEiDxfPveqW1xf87JYlWTT3ZT3gd3pfxY1+IgRB7j5Ttd2RBCMeMYB9VJWLqib6K9oeHJyGzM39aJqE2AzxKxc+rXeXT16RlFxs7nDZwS9xV7Dai9LB/Jez0pT8pLFVD/QRsGw0uMjMMSjmKqxPrDpHzZ3OUymB5AdyVfts4JTZINSrWdejPR8G93pzH4S8ZYijhgpOnSuoyGhMnwAjwOJyNkkFOT1rKCuzpW33hr2c1pJSBPZTAx2/ZvB1He2/UweBF2VeQpSruQB7tXkQMeXSQBpe+/zMqOLD82vake3M8mqNpFJoVG3afr9RcCXtqn7cF3fDEqj7nNk0Em6/9akO2/tK5KInWhyOjKdV41ntB6IVPGJWOUBmnvf9HVpOMa8rxeb3KpBqnn6z70rjMTKqHmAQ5BeCuVSezTl4xAUP940PbkHSm0mDeWYMi2AgbofKDGBmH/GGUn3QeahhiLTXGzbIHszbXJdJ5dn30oWAPovW/gc0CeeHgUV7IwJ6wxVIz8jYKpjtDtIPYDs+RJMrWo8qPnhHWxA6HVp42eUylh7eazPUzitfZ2SBQHe3ShbBHTh2wHcLcRoVgSMrMJmfQ7Ibad5ZiWepobJw== Example RSA Key

This is our generated RSA key. Note that it's longer than the Vagrant default, owing to the custom 4096 bit-length that we specified.

Our third key is as follows:

[vagrant@centos2 ~]$ cat .ssh/authorized_keys | tail -n1
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGnqP8zTx50SwjP+Fe26RdDx2W3/TQ+0ET8ylxfFB+a Example Ed25519 key

This is our Ed25519 key.

You could, if you so wished, manually copy public keys into the authorized_keys file on the host you're connecting to. The ssh-copy-id command we used is simply a convenient way of cutting out a few of the extra steps.
本周热推:
Flash动画设计UGNX 5三维造型Mastering KubernetesLinux服务与安全管理Cortex-M3嵌入式处理器原理与应用
上一章目录下一章