SSH attempt before setup (host side)
The connection is refused while the public key has not yet been given to the server
[user1@host1 ~]$
[user1@host1 ~]$ ssh user2@172.31.9.35
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
[user1@host1 ~]$
Creating the public key (host side)
Create the public key
[user1@host1 ~]$
[user1@host1 ~]$ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user1/.ssh/id_rsa):
Created directory '/home/user1/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user1/.ssh/id_rsa.
Your public key has been saved in /home/user1/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX user1@host1
The key's randomart image is:
+---[RSA 4096]----+
| ... . .. |
|..o.* . . |
|.ooO B . . o|
| .= O o . o E |
| o* . S.o = . |
| ..+...... = + . |
| o . .o o * |
| o . . * . |
| .+ +.. |
+----[SHA256]-----+
[user1@host1 ~]$
Check the public key
It is appended to authorized_keys on the destination server in a later step
[user1@host1 ~]$
[user1@host1 ~]$ cat .ssh/id_rsa.pub
ssh-rsa XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX user1@host1
[user1@host1 ~]$
Registering the public key (server side)
Create the storage directory
[user2@host2 ~]$
[user2@host2 ~]$ mkdir .ssh
[user2@host2 ~]$
Register in authorized_keys
Append the public key of the connecting host
[user2@host2 ~]$
[user2@host2 ~]$ vi .ssh/authorized_keys
[user2@host2 ~]$
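Change permissions
Change the permissions of the storage directory and authorized_keys to 700 and 600 respectively
(if the permissions are too permissive, the connection may fail)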
[user2@host2 ~]$
[user2@host2 ~]$ chmod 700 .ssh/
[user2@host2 ~]$
[user2@host2 ~]$ chmod 600 .ssh/authorized_keys
[user2@host2 ~]$
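Added example (not part of the original article): the server-side steps above (mkdir, append to authorized_keys, chmod 700/600) written as a repeatable shell function, with an audit of the resulting permissions. The function names, the accepted key types and the demo key are assumptions made for this example; with sshd's default StrictModes setting, a .ssh directory or authorized_keys file writable by other users causes the key to be ignored.

```shell
#!/bin/sh
# Added example: the server-side steps as one repeatable function.
# Function names, accepted key types and the demo key are assumptions.

# install_pubkey HOME_DIR "KEY_LINE": append the key once, then fix modes.
install_pubkey() {
    home=$1; key=$2
    dir="$home/.ssh"; file="$dir/authorized_keys"
    # Refuse multi-line input so one call can never add more than one key.
    case $key in *"
"*) return 2 ;; esac
    # Accept only "type base64 [comment]" for common key types.
    printf '%s\n' "$key" | grep -Eq \
        '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$' \
        || return 2
    # umask 077 keeps new files private even before chmod runs.
    ( umask 077; mkdir -p "$dir" && touch "$file" ) || return 1
    # -x -F: whole-line, literal match, so reruns do not duplicate the key.
    grep -qxF -- "$key" "$file" || printf '%s\n' "$key" >> "$file"
    chmod 700 "$dir" && chmod 600 "$file"
}

# has_mode PATH OCTAL: true when PATH has exactly that mode.
has_mode() { [ -n "$(find "$1" -prune -perm "$2" 2>/dev/null)" ]; }

# audit_ssh_perms HOME_DIR: report deviations from 700/600; returns their count.
audit_ssh_perms() {
    problems=0
    has_mode "$1/.ssh" 700 || { echo "$1/.ssh is not 700"; problems=$((problems + 1)); }
    has_mode "$1/.ssh/authorized_keys" 600 || {
        echo "$1/.ssh/authorized_keys is not 600"; problems=$((problems + 1)); }
    return "$problems"
}

# Demo in a throwaway directory with a constructed (not real) key.
demo=$(mktemp -d)
install_pubkey "$demo" 'ssh-rsa AAAAB3ConstructedDemoKeyOnly user1@host1'
chmod 666 "$demo/.ssh/authorized_keys"      # simulate a world-writable file
audit_ssh_perms "$demo" || echo "audit found $? problem(s)"
install_pubkey "$demo" 'ssh-rsa AAAAB3ConstructedDemoKeyOnly user1@host1'
audit_ssh_perms "$demo" && echo "permissions OK after re-run"
rm -rf "$demo"
```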
SSH attempt after setup (host side)
[user1@host1 ~]$
[user1@host1 ~]$ ssh user2@172.31.9.35
Last login: Tue Mar 11 15:35:48 2025
, #_
~\_ ####_ Amazon Linux 2
~~ \_#####\
~~ \###| AL2 End of Life is 2026-06-30.
~~ \#/ ___
~~ V~' '->
~~~ / A newer version of Amazon Linux is available!
~~._. _/
_/ _/ Amazon Linux 2023, GA and supported until 2028-03-15.
_/m/' https://aws.amazon.com/linux/amazon-linux-2023/
[user2@host2 ~]$
Summary
Register the connecting host's public key in authorized_keys on the destination server