如何驗證 SSH Private / Public Key 為同一把 Key

2019-01-08 OS

前陣子在幫同事丟 SSH Public Key 到設備後遇到一直無法驗證 Public Key 的情況,依稀記得以前有用過可以拿 Private Key 去驗證 Public Key 是否同一把,但是隨著時間流失就忘了 … 才發現 Blog 沒寫到這件事,剛好記錄下來。

使用方式很簡單,先產生一對 RSA Key

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): demo
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in test.
Your public key has been saved in test.pub.
The key fingerprint is:
SHA256:1biOIkmaRpNF5NErMjUXNI2WIR6C5aPozFVxIFMzKTE root@shazi.info
The key's randomart image is:
+---[RSA 2048]----+
| ooEOOBB         |
|.. **=@..  o     |
|  o.== .  o .    |
|..o+o .  . .     |
|o ++..  S .      |
|+..= .   o       |
| ++ o . . .      |
| .   . .         |
|                 |
+----[SHA256]-----+

$ ls
demo demo.pub

然後一樣用 ssh-keygen 拿 private key 產生 public key。

$ ssh-keygen -y -f demo
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEehUYmDtDCjMVtI7nrsjYVXuq9+3YGki/DbBY2HBbgby4QqbXe3zZxaOqfvCRqmfj5Dt2TiGibKsMS/5ZYNlXByAe8yIUCGH3VPL9faLs7OlzMKTCVtMw7EWs0EuSS4Z90K2cesVy9NrtSp7wSYj1/abF/wZpbX4CwjvSGjZLd3WMC4az7xQq0ogkktnMt8dx554uZQP9yPedbpJLJDJI8Cew9OiadJ7LIR42aQ6SSWrcTV67qlO02PmXERLjuYHhVnIFffA5dqOrL4CI1tkrq0PMj9RnEzLpL5711Ce/WAiwKFfC3uNRMqTkt5YqCPkmSAfMW08Atln/d2/piN4L

$ cat demo.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEehUYmDtDCjMVtI7nrsjYVXuq9+3YGki/DbBY2HBbgby4QqbXe3zZxaOqfvCRqmfj5Dt2TiGibKsMS/5ZYNlXByAe8yIUCGH3VPL9faLs7OlzMKTCVtMw7EWs0EuSS4Z90K2cesVy9NrtSp7wSYj1/abF/wZpbX4CwjvSGjZLd3WMC4az7xQq0ogkktnMt8dx554uZQP9yPedbpJLJDJI8Cew9OiadJ7LIR42aQ6SSWrcTV67qlO02PmXERLjuYHhVnIFffA5dqOrL4CI1tkrq0PMj9RnEzLpL5711Ce/WAiwKFfC3uNRMqTkt5YqCPkmSAfMW08Atln/d2/piN4L root@shazi.info

兩把 Public Key 必須是相同的,後面的「root@shazi.info」為 comment

給 Mr. 沙先生一點建議

彙整

分類

展開全部 | 收合全部

License

訂閱 Mr. 沙先生 的文章

輸入你的 email 用於訂閱