매번 비밀번호를 사용해서 로그인하는 것은 너무나 번거로운 일이다.
key-gen을 통해서 키가 생성되어 있어야 한다.
$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/Users/forteleaf/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in idid_rsa. Your public key has been saved in idid_rsa.pub. The key fingerprint is: SHA256:lPQOOLrnc4N2dYOy0snymLKmibxGKTrx9Vijcn/GFOg firstname.lastname@example.org The key's randomart image is: +---[RSA 2048]----+ | . | | o o | | o.+ . | | ..o.o | | . .. S... | |oo ..E o o o | |+o ..=.B = . . | |+oo.*oBo% | |o++=.==X.. | +----[SHA256]-----+
$ ssh-copy-id forteleaf@[freenas IP] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/forteleaf/.ssh/idid_rsa.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'forteleaf@freenas'" and check to make sure that only the key(s) you wanted were added.
본인은 이미 키가
authorized_keys에 등록되어 있는 상태 이기 때문에 위와 같은 메세지가 나온다.
이제 바로 접속하면 된다.
$ ssh forteleaf@[freenas IP]
참조 (서버 sshd 설정)
# /etc/ssh/sshd_config #PubkeyAuthentication yes # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 # but this is overridden so installations will only check .ssh/authorized_keys AuthorizedKeysFile .ssh/authorized_keys #AuthorizedPrincipalsFile none
PubkeyAuthentication 이 설정되어 있어도
authorized_keys파일이 등록되어 있으면, 사용할 수 있다.