This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_ssh [2020/06/26 20:22] val [SSH вместо VPN (привязка к порту сервера)] |
сервис_ssh [2021/01/12 10:09] val [Аутентификация с использованием ключей ssh] |
||
---|---|---|---|
Line 136: | Line 136: | ||
==== SSH вместо VPN (привязка к порту клиента) ==== | ==== SSH вместо VPN (привязка к порту клиента) ==== | ||
<code> | <code> | ||
+ | windows desktop | ||
Putty | Putty | ||
Session | Session | ||
Line 143: | Line 144: | ||
Destination 192.168.100+X.101:3389 | Destination 192.168.100+X.101:3389 | ||
- | linux> ssh -L 3101:192.168.100+X.101:3389 192.168.X.10 | + | linux desktop$ ssh -L 3101:192.168.100+X.101:3389 192.168.X.10 |
Remote Desktop Connection->127.0.0.1:3101 | Remote Desktop Connection->127.0.0.1:3101 | ||
Line 234: | Line 235: | ||
=== Генерация ключей === | === Генерация ключей === | ||
<code> | <code> | ||
- | user1@client1:~$ ssh-keygen | + | student@client1:~$ ssh-keygen |
</code><code> | </code><code> | ||
... | ... | ||
Line 240: | Line 241: | ||
... | ... | ||
</code><code> | </code><code> | ||
- | user1@client1:~$ ls .ssh/ | + | student@client1:~$ ls .ssh/ |
- | + | ||
- | user1@client1:~$ chmod 755 . | + | |
- | user1@client1:~$ chmod 700 .ssh/ | + | |
- | user1@client1:~$ chmod 600 .ssh/authorized_keys | + | |
</code> | </code> | ||
Line 253: | Line 250: | ||
<code> | <code> | ||
linux$ ssh-copy-id gate | linux$ ssh-copy-id gate | ||
+ | |||
+ | linux$ ssh-copy-id server | ||
freebsd$ ssh-copy-id -i .ssh/id_rsa.pub gate | freebsd$ ssh-copy-id -i .ssh/id_rsa.pub gate | ||
Line 260: | Line 259: | ||
<code> | <code> | ||
- | user1@client1$ ssh gate "mkdir .ssh" | + | student@client1$ ssh gate "mkdir .ssh" |
- | user1@client1$ scp .ssh/id_rsa.pub gate:.ssh/authorized_keys | + | student@client1$ scp .ssh/id_rsa.pub gate:.ssh/authorized_keys |
или | или | ||
- | user1@client1$ cat .ssh/id_rsa.pub | ssh gate "cat >> .ssh/authorized_keys" | + | student@client1$ cat .ssh/id_rsa.pub | ssh gate "cat >> .ssh/authorized_keys" |
</code> | </code> | ||
=== Использование ssh_agent === | === Использование ssh_agent === | ||
<code> | <code> | ||
- | user1@client1$ ssh-agent | + | student@client1$ ssh-agent |
SSH_AUTH_SOCK=/tmp/ssh-JaQgNr4492/agent.4492; export SSH_AUTH_SOCK; | SSH_AUTH_SOCK=/tmp/ssh-JaQgNr4492/agent.4492; export SSH_AUTH_SOCK; | ||
SSH_AGENT_PID=4493; export SSH_AGENT_PID; | SSH_AGENT_PID=4493; export SSH_AGENT_PID; | ||
echo Agent pid 4493; | echo Agent pid 4493; | ||
- | user1@client1$ SSH_AUTH_SOCK=/tmp/ssh-JaQgNr4492/agent.4492; export SSH_AUTH_SOCK; | + | student@client1$ SSH_AUTH_SOCK=/tmp/ssh-JaQgNr4492/agent.4492; export SSH_AUTH_SOCK; |
- | user1@client1$ SSH_AGENT_PID=4493; export SSH_AGENT_PID; | + | student@client1$ SSH_AGENT_PID=4493; export SSH_AGENT_PID; |
</code> | </code> | ||
или | или | ||
<code> | <code> | ||
- | user1@client1$ eval `ssh-agent -s` | + | student@client1$ eval `ssh-agent -s` |
</code><code> | </code><code> | ||
- | user1@client1$ ssh-add | + | student@client1$ ssh-add |
Enter passphrase for /root/.ssh/id_rsa: | Enter passphrase for /root/.ssh/id_rsa: | ||
... | ... | ||
- | gate# ssh-add -l | + | student@client1$ ssh-add -l |
... | ... | ||
- | user1@client1$ ssh gate | + | student@client1$ ssh gate |
+ | |||
+ | student@client1$ ssh server | ||
</code> | </code> | ||