SSH 키 생성, 서버 등록 및 접속하는 방법

SSH 키 생성, 서버 등록 및 접속하는 방법

1. SSH 키 생성

로컬 컴퓨터에서 SSH 키를 생성합니다.

ssh-keygen -t rsa -b 4096

이 명령은 RSA 알고리즘을 사용하여 4096비트의 키 쌍을 생성합니다. 필요에 따라 -t 및 -b 옵션을 조정할 수 있습니다.

ssh-keygen -t rsa -b 2048 -C "deployment"

$ ssh-keygen -t rsa -b 2048 -C "deployment"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/vagrant/.ssh/id_rsa): 
Created directory '/home/vagrant/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/vagrant/.ssh/id_rsa
Your public key has been saved in /home/vagrant/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:3lLd1DrhezKptXWmy7iUI1uk869/MYyFDZPot6Z3rNg deployment
The key's randomart image is:
+---[RSA 2048]----+
|            . .  |
|           . + . |
|          .   B .|
|           o * = |
|        S . + X  |
|       . o o = B |
|        o = B B B|
|         . OoB @o|
|          ..BEXo |
+----[SHA256]-----+

2. SSH 키 등록

생성된 SSH 키의 공개 키를 서버에 등록해야 합니다.

 

• 공개 키(id_rsa.pub)를 복사하여 서버에 붙여넣습니다.

ssh-copy-id username@server_ip

ssh-copy-id vagrant@172.19.0.2

$ ssh-copy-id vagrant@172.19.0.2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/vagrant/.ssh/id_rsa.pub"
The authenticity of host '172.19.0.2 (172.19.0.2)' can't be established.
ED25519 key fingerprint is SHA256:Zc6syJ2KkZbcQGXou9HEWdzE+2r91PW11bIS/Aw/2bk.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
vagrant@172.19.0.2's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'vagrant@172.19.0.2'"
and check to make sure that only the key(s) you wanted were added.

728x90

• 공개 키(id_rsa.pub)를 수동으로 복사하여 서버의 ~/.ssh/authorized_keys 파일에 추가할 수 있습니다.

su - vagrant

mkdir -m 700 .ssh

vim .ssh/authorized_keys

$ cat .ssh/authorized_keys
ssh-rsa AAAxgjYlHnCgB deployment

chmod 644 .ssh/authorized_keys

$ ls -l .ssh/authorized_keys    
-rw-r--r-- 1 vagrant vagrant 392 Jan 30 09:23 .ssh/authorized_keys

3. SSH 접속

SSH 키가 등록되면 아래와 같은 명령어를 사용하여 서버에 접속할 수 있습니다.

ssh username@server_ip

$ ssh 172.19.0.2
Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 5.15.0-60-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

This system has been minimized by removing packages and content that are
not required on a system that users do not log into.

To restore this content, you can run the 'unminimize' command.

$ ssh 172.19.0.3
The authenticity of host '172.19.0.3 (172.19.0.3)' can't be established.
ED25519 key fingerprint is SHA256:ASNaNqbntbKWRaKGwpsDecroM702rKiR3BM2+sK5+UU.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '172.19.0.3' (ED25519) to the list of known hosts.
Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 5.15.0-60-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

This system has been minimized by removing packages and content that are
not required on a system that users do not log into.

To restore this content, you can run the 'unminimize' command.

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

 

SSH 키를 생성하고 서버에 등록하여 SSH를 통해 서버에 안전하게 접속할 수 있습니다.