freenas | ssh key 로그인

매번 비밀번호를 사용해서 로그인하는 것은 너무나 번거로운 일이다.
접속할 컴퓨터에서 key-gen을 통해서 키가 생성되어 있어야 한다.

키 생성하기

$ ssh-keygen                                                                                                                                                                                                                                          Generating public/private rsa key pair.
Enter file in which to save the key (/Users/forteleaf/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in idid_rsa.
Your public key has been saved in idid_rsa.pub.
The key fingerprint is:
SHA256:lPQOOLrnc4N2dYOy0snymLKmibxGKTrx9Vijcn/GFOg forteleaf@leaf-macbook.local
The key's randomart image is:
+---[RSA 2048]----+
|        .        |
|       o o       |
|      o.+ .      |
|     ..o.o       |
|  . ..  S...     |
|oo  ..E o o o    |
|+o ..=.B = . .   |
|+oo.*oBo%        |
|o++=.==X..       |
+----[SHA256]-----+

키 복사하기

$ ssh-copy-id forteleaf@[freenas IP]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/forteleaf/.ssh/idid_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Number of key(s) added:        1

Now try logging into the machine, with:   "ssh 'forteleaf@freenas'"
and check to make sure that only the key(s) you wanted were added.

본인은 이미 키가 authorized_keys에 등록되어 있는 상태 이기 때문에 위와 같은 메세지가 나온다.
이제 바로 접속하면 된다.

접속

$ ssh forteleaf@[freenas IP]

참조 (서버 sshd 설정)

# /etc/ssh/sshd_config

#PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile      .ssh/authorized_keys

#AuthorizedPrincipalsFile none

PubkeyAuthentication 이 설정되어 있어도 authorized_keys파일이 등록되어 있으면, 사용할 수 있다.