Generating a key pair
ssh-keygen -t rsa -b bits -C "comment"
```
[vagrant@localhost .ssh]$ ssh-keygen -t rsa -b 4096 -C "taustation@gmail.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/vagrant/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/vagrant/.ssh/id_rsa.
Your public key has been saved in /home/vagrant/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:j5+VU9iuJe27rm/ExqWzYJLa7Kq7V3D+wyrdcAJAIhU taustation@gmail.com
The key's randomart image is:
+---[RSA 4096]----+
| ..Eo. |
| . .. |
| . |
| o . o .|
| S= ..ooo |
| oB +=B |
| .*.X=++o |
| +.+o=*o |
| +=.+=.o**o |
+----[SHA256]-----+
```
By default, the generated keys are stored in the following files. The private key has permission 600 and the public key has 644.
- Private key: ~/.ssh/id_rsa
- Public key: ~/.ssh/id_rsa.pub
```
[vagrant@localhost ~]$ ls -Al ~/.ssh
合計 12
-rw-------. 1 vagrant vagrant 389 2月 23 20:50 authorized_keys
-rw-------. 1 vagrant vagrant 3326 8月 6 09:12 id_rsa
-rw-r--r--. 1 vagrant vagrant 746 8月 6 09:12 id_rsa.pub
```
Contents of the private key
```
[vagrant@localhost ~]$ cat ~/.ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,********************************

****************************************************************
****************************************************************
****************************************************************
.....
****************************************************************
****************************************************************
****************************************************************
-----END RSA PRIVATE KEY-----
```
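The file permissions listed above and the `Proc-Type: 4,ENCRYPTED` header in the private key can both be checked by a script. The following is an added example, not part of the original page; the function names `file_mode`, `key_format` and `audit_keypair` are hypothetical, and accepting mode 400 alongside 600 for the private key is an assumption.

```shell
#!/bin/sh
# Added example, not from the original page: audit a key pair written by ssh-keygen.

# Octal permission bits of a file (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Classify a private key by its header lines:
#   pem-encrypted  legacy PEM carrying "Proc-Type: 4,ENCRYPTED" (the form shown on this page)
#   pem-plaintext  legacy PEM written with an empty passphrase
#   openssh        "OPENSSH PRIVATE KEY" container (protection is not visible in the header)
key_format() {
    case "$(head -n 1 "$1")" in
        "-----BEGIN OPENSSH PRIVATE KEY-----") echo openssh ;;
        "-----BEGIN "*"PRIVATE KEY-----")
            if sed -n '2,3p' "$1" | grep -q '^Proc-Type: 4,ENCRYPTED'; then
                echo pem-encrypted
            else
                echo pem-plaintext
            fi ;;
        *) echo unknown ;;
    esac
}

# Audit PRIVATE_KEY and PRIVATE_KEY.pub; print one line per finding and
# return the number of findings as the exit status (0 = clean).
audit_keypair() {
    priv=$1 pub=$1.pub findings=0
    mode=$(file_mode "$priv")
    if [ "$mode" != 600 ] && [ "$mode" != 400 ]; then
        echo "FAIL: $priv has mode $mode, expected 600"; findings=$((findings + 1))
    fi
    case "$(file_mode "$pub")" in
        ?[2367]?|??[2367]) echo "FAIL: $pub is writable by group or others"
                           findings=$((findings + 1)) ;;
    esac
    fmt=$(key_format "$priv")
    if [ "$fmt" = pem-plaintext ] || [ "$fmt" = unknown ]; then
        echo "FAIL: $priv is $fmt (no passphrase protection detected)"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Usage: audit_keypair ~/.ssh/id_rsa
```
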
Contents of the public key
1 2 |
[vagrant@localhost ~]$ cat ~/.ssh/id_rsa.pub ssh-rsa ******************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************** taustation@gmail.com |
Options
ssh-keygen --help
```
[vagrant@localhost .ssh]$ ssh-keygen --help
unknown option -- -
usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
                  [-N new_passphrase] [-C comment] [-f output_keyfile]
       ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
       ssh-keygen -i [-m key_format] [-f input_keyfile]
       ssh-keygen -e [-m key_format] [-f input_keyfile]
       ssh-keygen -y [-f input_keyfile]
       ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]
       ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile]
       ssh-keygen -B [-f input_keyfile]
       ssh-keygen -D pkcs11
       ssh-keygen -F hostname [-f known_hosts_file] [-l]
       ssh-keygen -H [-f known_hosts_file]
       ssh-keygen -R hostname [-f known_hosts_file]
       ssh-keygen -r hostname [-f input_keyfile] [-g]
       ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]
       ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]
                  [-j start_line] [-K checkpt] [-W generator]
       ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals]
                  [-O option] [-V validity_interval] [-z serial_number] file ...
       ssh-keygen -L [-f input_keyfile]
       ssh-keygen -A
       ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]
                  file ...
       ssh-keygen -Q -f krl_file file ...
```