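I have multiple private keys that I use to connect to various boxes. This is mostly for AWS, which has me import a key to connect to machines - I created a separate key set for this. Rather than constantly doing: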
ssh -i ~/.ssh/aws-key.pem ec2-user@aws.ip
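What is the best way to add aws-key.pem to my "ssh keychain" so that it is checked by default for all SSH requests, in addition to the existing "id_dsa" key?
You have a couple of options.
Use an SSH agent. Just use ssh-add for all of your private keys, and let your agent figure out which key to use. I usually prefer to use the agent, and I always start it when I log in to my system and add all of my keys. It makes everything easy.
Change your ssh config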
# .ssh/config
# per host example
Host blah.example.com
User zoredache
IdentityFile ~/.ssh/username_YYYYMMDD_id_rsa
# global example
Host *
User zoredache
IdentityFile ~/.ssh/key1_YYYYMMDD_id_rsa
IdentityFile ~/.ssh/key2_YYYYMMDD_id_rsa
IdentityFile ~/.ssh/keyn_YYYYMMDD_id_rsa
Use IdentityFile in ~/.ssh/config
If you only want it used for a specific host, include it under a Host directive.
IdentityFile
Specifies a file from which the user's DSA, ECDSA or DSA authentication identity is read. The default is ~/.ssh/identity for protocol version 1, and ~/.ssh/id_dsa,
~/.ssh/id_ecdsa and ~/.ssh/id_rsa for protocol version 2. Additionally, any identities represented by the authentication agent will be used for authentication. ssh(1) will
try to load certificate information from the filename obtained by appending -cert.pub to the path of a specified IdentityFile.
The file name may use the tilde syntax to refer to a user's home directory or one of the following escape characters: ‘%d’ (local user's home directory), ‘%u’ (local user
name), ‘%l’ (local host name), ‘%h’ (remote host name) or ‘%r’ (remote user name).
It is possible to have multiple identity files specified in configuration files; all these identities will be tried in sequence. Multiple IdentityFile directives will add
to the list of identities tried (this behaviour differs from that of other configuration directives).
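The accumulation rule quoted above, worked through as an added example (not code from either answer or from OpenSSH): a small resolver that shows which keys end up offered to a given host when a per-host block and a `Host *` block both apply. The names `SAMPLE_CONFIG`, `host_matches` and `resolve` are hypothetical, the sample is constructed from the first answer's config with `User fallback` changed for illustration, and only plain `Keyword value` lines are handled (no `Match` or `Keyword=value`).

```python
import fnmatch
import shlex

# Constructed sample: the answer's per-host and global blocks in one file.
# "User fallback" is changed from the page so the first-match rule is visible.
SAMPLE_CONFIG = """\
Host blah.example.com
    User zoredache
    IdentityFile ~/.ssh/username_YYYYMMDD_id_rsa
Host *
    User fallback
    IdentityFile ~/.ssh/key1_YYYYMMDD_id_rsa
    IdentityFile ~/.ssh/key2_YYYYMMDD_id_rsa
"""

def host_matches(patterns, host):
    """A negated pattern that matches vetoes; otherwise one positive match is needed."""
    positive = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(host, pat):
            positive = True
    return positive

def resolve(config_text, host):
    """Return (options, identity_files) for host; handles 'Keyword value' lines only."""
    options, identities = {}, []
    active = True  # lines before the first Host line apply to every host
    for raw in config_text.splitlines():
        tokens = shlex.split(raw, comments=True)
        if len(tokens) < 2:
            continue
        keyword, args = tokens[0].lower(), tokens[1:]
        if keyword == "host":
            active = host_matches(args, host)
        elif not active:
            continue
        elif keyword == "identityfile":
            identities.append(args[0])            # accumulates across blocks
        else:
            options.setdefault(keyword, args[0])  # first obtained value wins
    return options, identities

if __name__ == "__main__":
    for name in ("blah.example.com", "other.example.com"):
        print(name, *resolve(SAMPLE_CONFIG, name))
```

For `blah.example.com` the per-host key is tried first and both `Host *` keys follow it, so every key listed under `Host *` is a key that will be tried against every server you connect to.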