创建 OpenSSH 证书

Posted on Posted in 8.附录

创建 OpenSSH 证书

The  next step is to create
a key pair for authentication. There are two  possible ways to create
keys. The first is to create the keys with  PuTTYgen on the client,
upload the public key to your server and use the  private key with
PuTTY. The other is to create the key pair with the  OpenSSH tool
ssh-keygen, download the private key to your client and  convert the
private key to a PuTTY-style private key.

使用 ssh-keygen 创建密钥

Login to the server as root or svnuser and type:

ssh-keygen -b 1024 -t dsa -N passphrase -f keyfile

substituting
a real pass-phrase (which only you know) and key  file. We just created
a SSH2 DSA key with 1024 bit key-phrase. If you  type

ls -l keyfile*

you will see two files, keyfile and keyfile.pub. As you might guess, the .pub file is the public key file, the other is the private one.

Append the public key to those in the .ssh folder within the svnuser home directory:

cat keyfile.pub >> /home/svnuser/.ssh/authorized_keys

In
order to use the private key we generated, we have to  convert it to a
putty format. This is because the private key file  format is not
specified by a standards body. After you download the  private key file
to your client PC, start PuTTYgen and use Conversions → Import key.
Browse to your file keyfile which you got from the server
the passphrase you used when creating the key. Finally click on Save
private key and save the file as keyfile.PPK.

使用 PuTTYgen 创建密钥

Use
 PuTTYgen to generate a public-key/private-key pair and save it. Copy
 the public key to the server and append it to those in the .ssh folder within the svnuser home directory:

cat keyfile.pub >> /home/svnuser/.ssh/authorized_keys