ssh-keygen命令 – 生成SSH密钥文件
ssh-keygen命令来自英文词组“SSH key generate”的缩写,其功能是用于生成SSH密钥文件。ssh-keygen命令能够对SSH密钥文件进行生成、管理、转换等工作,支持RSA和DSA两种密钥格式。
语法格式:ssh-keygen [参数] [对象]
常用参数:
| -b | 设置密钥长度 |
| -B | 显示密钥文件摘要 |
| -c | 设置注释信息 |
| -e | 读取已有密钥文件 |
| -f | 设置保存密钥的文件名 |
| -F | 设置搜索的主机名 |
| -i | 读取SSH2兼容格式的未加密文件 |
| -I | 显示指定公钥文件的指纹信息 |
| -N | 设置新密码 |
| -p | 设置私钥文件的密码 |
| -P | 提供旧密码 |
| -q | 静默执行模式 |
| -r | 显示指定公钥文件 |
| -t | 设置要创建的密钥类型 |
| -v | 显示执行过程详细信息 |
参考示例
创建一个SSH密钥文件:
[root@linux-arae-cc ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 直接回车,以默认路径保存
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 直接回车,不额外设置密钥密码
Enter same passphrase again: 直接回车,确认不额外设置密钥密码
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:tUB6SjLnvqM7p2l+bmHUZGNqUyyOPmXGyiMp3tC9xNA root@linux-arae-cc.com
The key's randomart image is:
+---[RSA 2048]----+
| .. |
| .oB |
| +++Oo.. |
| ..E@o.o . |
| .++Bo.S . |
|..o.*=o |
|..o..+o. |
| . .oo=. |
| o*Xo. |
+----[SHA256]-----+手动指定加密格式并添加注释信息,创建一个SSH密钥文件
[root@linux-arae-cc ~]# ssh-keygen -t rsa -C "welcome to linux.arae.cc"
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 直接回车,以默认路径保存
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 直接回车,不额外设置密钥密码
Enter same passphrase again: 直接回车,确认不额外设置密钥密码
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:OQodor0B83DoxbFOY+KUo0swrQAgo8tL3qIHA0t40gQ welcome to linux.arae.cc
The key's randomart image is:
+---[RSA 2048]----+
|E. . |
|+o.+ o |
|*o@ X . |
|BXo/ + . . |
|*B+ * . S |
|B.o + . . |
|.* .. . |
|. o |
|.. |
+----[SHA256]-----+