Implement public key authentication and login between servers using different key formats

Source: Internet
Author: User

OpenSSH has been in use for a long time, and its keys use its own OpenSSH format. Setting up public key authentication and login with it is very simple. The examples below go straight to the steps; the underlying principles can be found with a Google search. Some keys are in the IETF secsh format instead, which appears to be the key format carried over from earlier versions of SSH.

Environment:
Machine A: Use OpenSSH
Machine B: Use OpenSSH
Machine C: Use SSH2 (SSH Secure Shell 3.2.9.1 (non-commercial version))
Machine D: Use SSH2

Scenario 1: Log on from machine A to machine B
Generate the public key and private key on machine A: first go to the user directory, then run # ssh-keygen -t rsa. If you do not want to set a password on the key, just press Enter at the prompts.
A directory named .ssh/ is generated under the user directory of machine A. It contains id_rsa (private key file) and id_rsa.pub (public key file).
Put the content of id_rsa.pub into ~/.ssh/authorized_keys in the user directory of machine B (mkdir the .ssh directory if it does not exist).
After this, you do not need a password to log on to machine B through SSH from machine A.

Scenario 2: Log on from machine C to machine D
The key format used by SSH2 on machine C is IETF secsh.
Generate the public key and private key on machine C: first go to the user directory, then run # ssh-keygen2 -t rsa, the same as above.
In the user directory of machine C, a directory is generated, which contains id_rsa_2048_a (private key file) and id_rsa_2048_a.pub (public key file).
In .ssh/, create the file identification with the content "idkey id_rsa_2048_a". This indicates that the private key is id_rsa_2048_a.
Log on to machine D and, in the SSH directory under the user directory, create the file authorization with the content "Key XXX.pub" (for authentication from several machines, write several lines). XXX.pub (XXX is a name you choose) is in the same directory, and its content is the same as the public key id_rsa_2048_a.pub generated on machine C.
After this, you do not need a password to log on to machine D through SSH from machine C.

Scenario 3: Log on from machine A to machine C
Machine A (OpenSSH format) and machine C (IETF secsh format) use different key formats.
Here the private key of machine A is used to generate a public key in the IETF secsh format, instead of using id_rsa.pub directly.
On machine A, run # ssh-keygen -e -f ~/.ssh/id_rsa. This prints the public key in the IETF secsh format. Put that content in ~/.ssh/xxx.pub on machine C (xxx is a name you choose), and then create the file authorization with the content "Key XXX.pub".
After this, you do not need a password to log on to machine C through SSH from machine A.

It is easy to implement other situations after you understand the principles.

TIPS:
ssh-keygen -e -f ~/.ssh/id_rsa converts keys in OpenSSH format into IETF secsh format
ssh-keygen -i -f ~/.ssh/id_rsa converts keys in IETF secsh format into OpenSSH format
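
What the two conversions in the tips change for a public key, as an added Python example (not from the original article and not OpenSSH's own code): the binary key blob stays the same and only the wrapper differs, one line in OpenSSH format versus a marked block in IETF secsh format (RFC 4716). The sample key is constructed and unusable, and the comment userA@machineA is an assumption.

```python
import base64
import struct

BEGIN = "---- BEGIN SSH2 PUBLIC KEY ----"
END = "---- END SSH2 PUBLIC KEY ----"

def ssh_string(data: bytes) -> bytes:
    """Length-prefixed string as used inside SSH public key blobs."""
    return struct.pack(">I", len(data)) + data

def blob_key_type(blob: bytes) -> str:
    """The first string in the blob is the algorithm name, e.g. ssh-rsa."""
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if n == 0 or 4 + n > len(blob):
        raise ValueError("bad length prefix in key blob")
    return blob[4:4 + n].decode("ascii")

def openssh_to_secsh(line: str) -> str:
    """OpenSSH one-line public key -> IETF secsh block (the -e direction)."""
    key_type, b64, *comment = line.split()
    blob = base64.b64decode(b64, validate=True)
    if blob_key_type(blob) != key_type:
        raise ValueError("declared key type does not match key blob")
    out = [BEGIN]
    if comment:
        out.append('Comment: "%s"' % " ".join(comment))
    out += [b64[i:i + 70] for i in range(0, len(b64), 70)]
    return "\n".join(out + [END]) + "\n"

def secsh_to_openssh(text: str) -> str:
    """IETF secsh block -> OpenSSH one-line public key (the -i direction)."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("missing SSH2 PUBLIC KEY markers")
    body, in_header = [], False
    for l in lines[1:-1]:
        if in_header or ":" in l:  # header line; a trailing '\' continues it
            in_header = l.endswith("\\")
            continue
        body.append(l)
    blob = base64.b64decode("".join(body), validate=True)
    return "%s %s" % (blob_key_type(blob), base64.b64encode(blob).decode())

# Constructed sample blob (not a usable key): type, exponent 65537, dummy modulus.
SAMPLE_BLOB = (ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01")
               + ssh_string(b"\x00" + bytes(range(1, 129))))
SAMPLE_LINE = "ssh-rsa %s userA@machineA" % base64.b64encode(SAMPLE_BLOB).decode()
```

The key-type check in openssh_to_secsh rejects a line whose leading algorithm name disagrees with the name stored inside the blob, which is a useful sanity check before a key is copied into authorized_keys or an authorization directory.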
