keychain代理ssh密钥密码
keychain ssh-agent front-end
keychain
1.生成秘钥(服务端,管理端)
ssh-keygen -t rsa // -t rsa | dsa
123123 //--key认证密码
2.拷贝公钥到客户端上
ssh-copy-id -i /root/.ssh/id_rsa.pub root@ip //存在则追加~/.ssh/authorized_keys
or
cat id-rsa.pub >>~/.ssh/authorized_keys //追加公钥
chmod 700 ~/.ssh && chmod 600 ~/.ssh/authorized_keys //权限设置
3.编译keychain(私钥端)
# requirement
yum install -y gcc gcc-c++ make
# compiler
make -s -j2
# cp
cp keychain /usr/bin/
注意:keychain,在控制端,也就是私钥存储的服务器上!
4.配置本地用户变量
vim ~.bash_profile
# add keychain
keychain id_rsa
. ~/.keychain/$HOSTNAME-sh
source ~.bash_profile //提示需要输入载入id_rsa 认证密码
[root@c7-100 ~]# source .bash_profile
* keychain 2.8.5 ~ http://www.funtoo.org
* Starting ssh-agent...
* Adding 1 ssh key(s): /root/.ssh/id_rsa
Enter passphrase for /root/.ssh/id_rsa:
* ssh-add: Identities added: /root/.ssh/id_rsa
# ssh-agent
[root@c7-100 ~]# keychain --agents
* keychain 2.8.5 ~ http://www.funtoo.org
* Found existing ssh-agent: 1856
[root@c7-100 ~]# ps -ef |grep agent
root 1856 1 0 19:37 ? 00:00:00 ssh-agent
root 1988 1898 0 19:40 pts/3 00:00:00 grep --color=auto agent
5.远程ssh客户端
ssh root@ip
[root@c7-100 ~]# ssh [email protected] Last login: Thu Jul 4 19:36:58 2024 from gateway