使用证书登录(免密码)

第一步:生成“公钥”和“私钥”

qige@ubuntu:~$ 
qige@ubuntu:~$ cd .ssh/
qige@ubuntu:~/.ssh$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/qige/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/qige/.ssh/id_rsa.
Your public key has been saved in /home/qige/.ssh/id_rsa.pub.
The key fingerprint is:
51:2d:88:4b:05:f2:80:76:30:25:68:24:d2:e0:75:2f qige@ubuntu
The key's randomart image is:
+--[ RSA 2048]----+
|==+=+..+....     |
|=.=oo++ ... .    |
|.o . E.o.  .     |
|      o  .       |
|        S        |
|                 |
|                 |
|                 |
|                 |
+-----------------+
qige@ubuntu:~/.ssh$ ls
authorized_keys  id_rsa  id_rsa.pub  known_hosts

第二步:将“公钥”保存到OpenWrt

将“公钥”的内容以文本形式“保存”或“追加”到OpenWrt/etc/dropbear/authorized_keys文件内。

qige@ubuntu:~/.ssh$ nc -l 1111 < id_rsa.pub

root@openwrt:~# cd /tmp
root@openwrt:/tmp# nc 192.168.1.2 1111 > id_rsa.pub
root@openwrt:/tmp# cat id_rsa.pub >> /etc/dropbear/authorized_keys

需要注意,在OpenWrt上,不能直接将.pub文件存储为/etc/dropbear/authorized_keys!(非常重要)

第三步:在Ubuntu下使用“私钥”登录

qige@ubuntu:~/.ssh$ cd
qige@ubuntu:~$ ssh [email protected]
Using username "root".
Authenticating with public key "qige-dev-170807"


BusyBox v1.19.4 (2013-03-14 14:28:00 UTC) built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 ATTITUDE ADJUSTMENT (12.09, r36088)
 -----------------------------------------------------
  * 1/4 oz Vodka      Pour all ingredients into mixing
  * 1/4 oz Gin        tin with ice, strain into glass.
  * 1/4 oz Amaretto
  * 1/4 oz Triple sec
  * 1/4 oz Peach schnapps
  * 1/4 oz Sour mix
  * 1 splash Cranberry juice
 -----------------------------------------------------
root@OpenWrt:~# 
root@OpenWrt:~#

第四步:在Windows下使用Putty“私钥”登录

Putty无法直接使用私钥,需要先使用puttygen来转换证书格式。

puttygen下载地址为:http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

使用时,先将“私钥”转存至Windows电脑上,然后打开puttygen,导入“私钥”(注意选择时,需要选择“All files (*.*)”才能看到“私钥”文件),然后点击“”,将“私钥”转换为“.ppk”格式。

使用Putty证书登录,具体参数设置如下图,点击“Open”开始连接并登录

results matching ""

    No results matching ""