使用证书登录(免密码)
第一步:生成“公钥”和“私钥”
qige@ubuntu:~$
qige@ubuntu:~$ cd .ssh/
qige@ubuntu:~/.ssh$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/qige/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/qige/.ssh/id_rsa.
Your public key has been saved in /home/qige/.ssh/id_rsa.pub.
The key fingerprint is:
51:2d:88:4b:05:f2:80:76:30:25:68:24:d2:e0:75:2f qige@ubuntu
The key's randomart image is:
+--[ RSA 2048]----+
|==+=+..+.... |
|=.=oo++ ... . |
|.o . E.o. . |
| o . |
| S |
| |
| |
| |
| |
+-----------------+
qige@ubuntu:~/.ssh$ ls
authorized_keys id_rsa id_rsa.pub known_hosts
第二步:将“公钥”保存到OpenWrt
将“公钥”的内容以文本形式“保存”或“追加”到OpenWrt
的/etc/dropbear/authorized_keys
文件内。
qige@ubuntu:~/.ssh$ nc -l 1111 < id_rsa.pub
root@openwrt:~# cd /tmp
root@openwrt:/tmp# nc 192.168.1.2 1111 > id_rsa.pub
root@openwrt:/tmp# cat id_rsa.pub >> /etc/dropbear/authorized_keys
需要注意,在OpenWrt
上,不能直接将.pub
文件存储为/etc/dropbear/authorized_keys
!(非常重要)
第三步:在Ubuntu
下使用“私钥”登录
qige@ubuntu:~/.ssh$ cd
qige@ubuntu:~$ ssh [email protected]
Using username "root".
Authenticating with public key "qige-dev-170807"
BusyBox v1.19.4 (2013-03-14 14:28:00 UTC) built-in shell (ash)
Enter 'help' for a list of built-in commands.
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
ATTITUDE ADJUSTMENT (12.09, r36088)
-----------------------------------------------------
* 1/4 oz Vodka Pour all ingredients into mixing
* 1/4 oz Gin tin with ice, strain into glass.
* 1/4 oz Amaretto
* 1/4 oz Triple sec
* 1/4 oz Peach schnapps
* 1/4 oz Sour mix
* 1 splash Cranberry juice
-----------------------------------------------------
root@OpenWrt:~#
root@OpenWrt:~#
第四步:在Windows
下使用Putty
“私钥”登录
Putty
无法直接使用私钥,需要先使用puttygen
来转换证书格式。
puttygen
下载地址为:http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
使用时,先将“私钥”转存至Windows
电脑上,然后打开puttygen
,导入“私钥”(注意选择时,需要选择“All files (*.*)”才能看到“私钥”文件),然后点击“”,将“私钥”转换为“.ppk”格式。
使用Putty
证书登录,具体参数设置如下图,点击“Open”开始连接并登录