tu-*_*duh 7 linux ssh ssh-keys
我的 ~/.ssh/ 目录中有多个键,每个键都有一个单独的项目名称,用于每个都有多个服务器的项目。id_rsa_project1, id_rsa_project2
但是,ssh 不会搜索它们。如果我运行,ssh -v user@projectserver我会得到如下输出:
...
debug1: Connection established.
...
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/me/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /home/me/.ssh/id_dsa
debug1: Trying private key: /home/me/.ssh/id_ecdsa
debug1: Trying private key: /home/me/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password
user@projectserver password:
这似乎是设计使然,正如ssh_config联机帮助页所说,默认情况下,搜索的身份是~/.ssh/id_dsa、~/.ssh/id_ecdsa、
~/.ssh/id_ed25519和~/.ssh/id_rsa。
当然,我可以:
-i ~/.ssh/id_rsa_project1每次都将开关添加到命令行,或者...但对于我们更改密钥和密钥文件的规律性而言,所有这些似乎都太麻烦了。
我确实尝试将IdentityFile ~/.ssh/*添加到/etc/ssh/ssh_config但它似乎将其视为文字 * 而不是通配符。
如何告诉 ssh 读取并尝试~/.ssh/ 中的所有密钥文件?
最简单的方法是将它们添加到ssh-agent:
启动代理:
eval `ssh-agent`
添加所有键~/.ssh:
ssh-add ~/.ssh/id_rsa_*
但请注意,这不是理想的方式,因为在您想要连接的所有服务器上都尝试了所有密钥。~/.ssh/config建议在解决方案中进行适当的配置。