密钥对生成

mkdir tmp
ssh-keygen -t rsa -C "you_email@isoftstone.com" -f tmp/id_rsa

会生成两个文件 密钥：id_rsa ， 公钥：id_rsa.pub， 把公钥给到运维开对应服务器权限，

连接时需要使用到密钥， 可以把私钥放到家目录下的.ssh目录下， cp tmp/id_rsa ~/.ssh/

连接阿里云堡垒机： ssh qingyank@39.103.223.155, 把刚才生成的密钥放到自己家目录， ~/.ssh/， 通过堡垒机跳到自己所需要的服务器上。 ssh 10.1.39.100

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0755 for '/Users/yulei/Downloads/datago-demo-aliyun.pem' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/Users/yulei/Downloads/datago-demo-aliyun.pem": bad permissions
root@39.101.161.57: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

如果遇到如上问题， 需要修改id_rsa为600， 命令为： chmod 600 id_rsa

 

如果需要使用root用户来操作一些命令， 需要使用 sudo su - 先切换成root再操作

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:qghRHT9toYW8s1Lled8jzBQziaS6lqkF4vjRBs9OBj0.
Please contact your system administrator.
Add correct host key in /Users/yulei/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/yulei/.ssh/known_hosts:71
Host key for 39.101.161.57 has changed and you have requested strict checking.
Host key verification failed.

遇到上述问题需要在/Users/yulei/.ssh/known_hosts中删除第71行数据再次连接

标签：Users,操作手册,rsa,id,ssh,key,yulei,服务器,连接
来源： https://www.cnblogs.com/ykluo/p/16358223.html